User: Password:
|
|
Subscribe / Log in / New account

RLIMIT_NPROC and setuid()

RLIMIT_NPROC and setuid()

Posted Jul 21, 2011 12:57 UTC (Thu) by ortalo (subscriber, #4654)
Parent article: RLIMIT_NPROC and setuid()

I find it difficult to understand the overall interaction issues here too.

RLIMIT_NPROC is here to prevent fork bombs (mostly from unprivileged accounts) and setuid() to allow a process to reduce its privileges (mostly for privileged accounts). Am I right?
How do they interact?


(Log in to post comments)

RLIMIT_NPROC and setuid()

Posted Jul 21, 2011 13:47 UTC (Thu) by jake (editor, #205) [Link]

Hmm, I had hoped that I made that clear in the article, sorry that I didn't. When a process does a setuid() to another user, it needs to "fit" in the new user's RLIMIT_NPROC (or else users can evade that limit by way of setuid programs). So, when a privileged process changes its UID by way of setuid(), something needs to be done to enforce RLIMIT_NPROC. Failing the setuid() itself can cause problems with badly written programs, so these patches are ways to enforce that limit without returning an error from setuid().

Does that help?

jake

RLIMIT_NPROC and setuid()

Posted Jul 21, 2011 14:38 UTC (Thu) by tialaramex (subscriber, #21167) [Link]

The classic example (the version I've seen is for a BSD, contrary to the comment at the top) is that a user comes in via SSH.

SSH creates a new process to handle the connection, authenticates the user, then setuid() to the user and execs the shell.

But if none of these steps enforce limits, the user can just SSH in as often as they like despite the administrator setting a limit.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds