Subject: Re: check resource limits with exec(3)?
To: None <tech-userlevel@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-userlevel
Date: 06/06/2006 11:10:01
On Mon, 5 Jun 2006, Greg A. Woods wrote:

> > What is the procedure for checking resource limits when the process is
> > started as root with a fork and then uses setuid to change user?
> > 
> > Should exec(3) check if the resource limit (like maxproc) has already been
> > reached?
> 
> No, it had better not do so, especially not maxproc.  Calls to the
> exec() family of functions do not change the number of processes that
> are running.
> 
> It is also critical that one be able to exec another program when one is
> already running maxproc processes.

Maybe add a new exec()-type function that checks limits? Probably not, 
since that would not be portable.

Here is the problem: A program running as root is forked and has the 
resource limitations as allowed for root. The new child process's 
resources are changed using setusercontext() including changing the 
running group id and user id. Then it calls execle() to run a different process 
as this new user -- this is allowed even if over the maximum allowed 
maxproc for that user.

I think a fix for this problem would be to do a double fork. Do the second 
fork after the setusercontext(). This second fork will correctly fail if 
over the maxproc for example. (And examples of doing a double fork for 
this purpose?)

Or should a userland program check the resource settings itself? (Any 
examples of that?)

Or is it acceptable for programs to go over (ignore) the defined maxproc?

(NetBSD includes a couple in the default install that allow normal users 
to start more processes than they are allowed.)

 Jeremy C. Reed

echo '9,J8HD,fDGG8B@?:536FC5=8@I;C5?@H5B0D@5GBIELD54DL>@8L?:5GDEJ8LDG1' |\
sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP'
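The double fork proposed above, as an added C example that is not code from this thread or from NetBSD: the second fork() runs after the privilege drop, so the kernel charges it to the target user and refuses it at maxproc, where execle() would not. setgid()/setuid() here stand in for setusercontext(3); the exit-code convention and the errno mapping are this example's own assumptions.

```c
/* Added example (not from the thread): enforce the target user's maxproc by
 * forking twice.  The second fork() runs after privileges are dropped, so the
 * kernel charges it to that user and refuses it (EAGAIN) at the limit, unlike
 * execve(), which is never refused.  setgid()/setuid() stand in for NetBSD's
 * setusercontext(3); a full drop also resets the supplementary group list. */
#include <errno.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Exit codes the intermediate child uses to report back to the parent. */
enum { EX_DROP_FAILED = 125, EX_FORK_FAILED = 126, EX_EXEC_FAILED = 127 };

/* Run `path` as uid/gid.  Returns the program's exit status, or -1 with errno
 * EPERM (privilege drop failed), EAGAIN (second fork refused, typically the
 * user is at maxproc) or ENOENT (exec failed). */
int spawn_as_user(uid_t uid, gid_t gid, const char *path,
                  char *const argv[], char *const envp[])
{
    int status;
    pid_t child = fork();                   /* first fork: still privileged */
    if (child < 0)
        return -1;
    if (child == 0) {
        /* Drop privileges, then verify root really is gone. */
        if (setgid(gid) != 0 || setuid(uid) != 0 || (uid != 0 && setuid(0) == 0))
            _exit(EX_DROP_FAILED);
        pid_t grandchild = fork();          /* second fork: subject to maxproc */
        if (grandchild < 0)
            _exit(EX_FORK_FAILED);
        if (grandchild == 0) {
            execve(path, argv, envp);
            _exit(EX_EXEC_FAILED);          /* only reached when execve fails */
        }
        /* Relay the program's exit status to the privileged parent. */
        if (waitpid(grandchild, &status, 0) < 0 || !WIFEXITED(status))
            _exit(EX_EXEC_FAILED);
        _exit(WEXITSTATUS(status));
    }
    if (waitpid(child, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    switch (WEXITSTATUS(status)) {
    case EX_DROP_FAILED: errno = EPERM;  return -1;
    case EX_FORK_FAILED: errno = EAGAIN; return -1;
    case EX_EXEC_FAILED: errno = ENOENT; return -1;
    default:             return WEXITSTATUS(status);
    }
}
```

A program that itself exits with 125..127 is misreported by this convention; the intermediate child also occupies one of the user's process slots while the program runs, so exit there instead of waiting if that is unwanted.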