Subject: Re: su and resources not honored
To: Bill Studenmund <wrstuden@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-security
Date: 06/14/2006 17:55:50

On Wed, 14 Jun 2006, Bill Studenmund wrote:
> If I understand things right, the way this would work is that user A would
> log into user B's account but the process limits & such would be counted
> against user A, correct? Or would they no longer be counted against user A
> and user B would be well-above limits?

They would not be counted against user A. And user B would never get
resource limits set (i.e. setrlimit), so could potentially be above
limits.

It works correctly on NetBSD 2.1 (before PAM):

rainier:~$ id -un
reed
rainier:~$ ulimit -u
200
rainier:~$ su dummy
Password:
rainier: {2} id -un
dummy
rainier: {1} limit maxproc
maxproc 5

It doesn't work with NetBSD 3.99.20:

$ id -un
reed
$ ulimit -p
160
$ su dummy
Password:
glacier: {1} id -un
dummy
glacier: {2} limit maxproc
maxproc 160

Here is the same system with login:

$ id -un
reed
$ login dummy
Password:
...
Welcome to NetBSD!
...
glacier: {1} limit maxproc
maxproc 5

I didn't test other privileges though.

Jeremy C. Reed
echo '9,J8HD,fDGG8B@?:536FC5=8@I;C5?@H5B0D@5GBIELD54DL>@8L?:5GDEJ8LDG1' |\
sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP'
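
The mechanism behind the three transcripts, as an added example that is not part of the original message and is not NetBSD's su code: resource limits are per-process and survive a change of user, so the target's shell keeps the caller's maxproc unless the switching program calls setrlimit itself. become_target() is a hypothetical stand-in for that step; the values 160 and 5 are the ones shown in the transcripts.

```c
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#define CALLER_MAXPROC 160 /* reed's soft limit in the 3.99.20 transcript */
#define TARGET_MAXPROC 5   /* dummy's maxproc in the 2.1 and login transcripts */

/* Hypothetical stand-in for su's limit step: nonzero applies it, zero skips it. */
static int become_target(int apply_class_limits)
{
    struct rlimit rl;
    if (!apply_class_limits)
        return 0; /* nothing calls setrlimit, so the caller's value stays */
    if (getrlimit(RLIMIT_NPROC, &rl) != 0)
        return -1;
    rl.rlim_cur = TARGET_MAXPROC;
    return setrlimit(RLIMIT_NPROC, &rl);
}

/* Soft maxproc the target's shell would start with, or -1 on error. */
long maxproc_after_su(int apply_class_limits)
{
    int fds[2];
    long seen = -1;
    struct rlimit rl;
    pid_t pid;
    if (pipe(fds) != 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0) { /* child plays the caller's session, then runs "su" */
        if (getrlimit(RLIMIT_NPROC, &rl) == 0) {
            rl.rlim_cur = CALLER_MAXPROC;
            if (setrlimit(RLIMIT_NPROC, &rl) == 0 &&
                become_target(apply_class_limits) == 0 &&
                getrlimit(RLIMIT_NPROC, &rl) == 0)
                seen = (long)rl.rlim_cur;
        }
        _exit(write(fds[1], &seen, sizeof seen) == (ssize_t)sizeof seen ? 0 : 1);
    }
    close(fds[1]);
    if (read(fds[0], &seen, sizeof seen) != (ssize_t)sizeof seen)
        seen = -1;
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return seen;
}

int main(void)
{
    printf("skipped: %ld, applied: %ld\n", maxproc_after_su(0), maxproc_after_su(1));
    return 0;
}
```

Only the soft limit is changed, and only inside a forked child, so the invoking shell's own limits are left alone.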