Subject: Re: check resource limits with exec(3)?
To: Jeremy C. Reed <firstname.lastname@example.org>
From: Iain Hibbert <email@example.com>
Date: 06/06/2006 20:21:21
On Tue, 6 Jun 2006, Jeremy C. Reed wrote:
> I think a fix for this problem would be to do a double fork. Do the second
> fork after the setusercontext(). This second fork will correctly fail if
> over the maxproc for example. (And examples of doing a double fork for
> this purpose?)
It might incorrectly fail also (if nproc == maxproc)
> Or should a userland program check the resource settings itself? (Any
> examples of that?)
> Or is it acceptable for programs to go over (ignore) the defined maxproc?
If it is actually a problem, then I would say that the correct place to
check it would be under setuid() somewhere (probably do_setresuid() in
sys/kern/kern_prot.c?), and return EPROCLIM if the operation would exceed
limits. I couldnt say if that would have other implications though..