LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

RLIMIT_NPROC and setuid()

RLIMIT_NPROC and setuid()

Posted Jul 21, 2011 13:47 UTC (Thu) by jake (editor, #205)
In reply to: RLIMIT_NPROC and setuid() by ortalo
Parent article: RLIMIT_NPROC and setuid()

Hmm, I had hoped that I made that clear in the article, sorry that I didn't. When a process does a setuid() to another user, it needs to "fit" in the new user's RLIMIT_NPROC (or else users can evade that limit by way of setuid programs). So, when a privileged process changes its UID by way of setuid(), something needs to be done to enforce RLIMIT_NPROC. Failing the setuid() itself can cause problems with badly written programs, so these patches are ways to enforce that limit without returning an error from setuid().

Does that help?

jake

(Log in to post comments)

RLIMIT_NPROC and setuid()

Posted Jul 21, 2011 14:38 UTC (Thu) by tialaramex (subscriber, #21167) [Link]

The classic example (the version I've seen is for a BSD, contrary to the comment at the top) is that a user comes in via SSH.

SSH creates a new process to handle the connection, authenticates the user, then setuid() to the user and execs the shell.

But if none of these steps enforce limits, the user can just SSH in as often as they like despite the administrator setting a limit.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds