tech-security archive


Re: enforcing RLIMIT_NPROC in setuid() ?



On Thu, 10 Jan 2008, Ed Ravin wrote:

> Would it make sense to have setuid() check the process limit,
> and return an error if the user in question is over the limit?
> That way, programs that check the return value of setuid() would
> fail and prevent new processes from being created by login loops
> like the one described above.

I think so.

I have found that login, su, and cron could easily be used to bypass these 
limits. I believe it is a security issue.

Have a look at 

http://mail-index.netbsd.org/tech-security/2006/06/13/0001.html

http://archive.netbsd.se/?ml=netbsd-tech-userlevel&a=2006-06&t=2076384

http://archive.netbsd.se/?ml=netbsd-tech-security&a=2006-06&t=2102044

> It would probably be a good idea for setuid() to still carry out
> the UID change, just in case there's a poorly written program
> somewhere that doesn't check the return value.

I am not sure about that.

  Jeremy C. Reed
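
The caller-side check the quoted proposal relies on, as an added example that is not part of the original message or of NetBSD's code: a privilege-dropping program treats a failed setuid() as fatal and also verifies the resulting IDs instead of trusting the return value alone. The names `drop_to_uid` and `DROP_*` are hypothetical, and EAGAIN as the errno for a process-limit failure is an assumption taken from Linux's setuid(2), not something the thread specifies.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical result codes for this example. */
enum drop_result {
    DROP_OK = 0,
    DROP_LIMIT,      /* setuid() failed with EAGAIN (assumed: process limit) */
    DROP_DENIED,     /* setuid() failed for any other reason */
    DROP_UNVERIFIED  /* setuid() returned 0 but the IDs are not as requested */
};

/* Change to `target` and fail closed. Group IDs and supplementary groups
 * must already have been dropped by the caller; that part is omitted. */
enum drop_result drop_to_uid(uid_t target)
{
    if (setuid(target) != 0) {
        /* Whether or not the kernel changed the UID anyway, an error
         * return means the caller must not continue as this user. */
        return errno == EAGAIN ? DROP_LIMIT : DROP_DENIED;
    }
    /* Do not trust the return value alone: check real and effective UID. */
    if (getuid() != target || geteuid() != target)
        return DROP_UNVERIFIED;
    /* For a non-root target, regaining UID 0 must no longer be possible. */
    if (target != 0 && setuid(0) == 0)
        return DROP_UNVERIFIED;
    return DROP_OK;
}

int main(void)
{
    /* Constructed input: a login-style program would use the UID of the
     * user being logged in; the current UID keeps the demo runnable. */
    uid_t target = getuid();
    enum drop_result r = drop_to_uid(target);

    if (r != DROP_OK) {
        fprintf(stderr, "privilege drop failed (code %d), exiting\n", (int)r);
        return 1; /* never go on to start the user's shell or job */
    }
    printf("running as uid %lu\n", (unsigned long)getuid());
    return 0;
}
```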


