Max procs per user with setuid programs
Guy Harris
guy at sun.uucp
Sun Feb 23 18:13:35 AEST 1986
> Fork currently compares effective uids when counting processes to
> determine whether maxuprc would be exceeded. Should it perhaps be
> comparing real uids?
Yes. Absolutely. System V does this, although I don't know if this was
deliberate or a side-effect of the stuff they did to enable repeated
switching between real and set-UID UIDs (the UNIX "fork" code only checks
UIDs which are stored in the processs table entry, not UIDs stored in the U
page which may be swapped or paged out; pre-S5 UNIXes stored only the
effective UID in "p_uid", but S5 stores the real UID there and the effective
UID as of the last "exec" in "p_suid"). Usually, a process should be
charged against the quota of the user on whose behalf it is doing work, not
the quota of the user to whom it's set-UID.
--
Guy Harris
{ihnp4, decvax, seismo, decwrl, ...}!sun!guy
guy at sun.arpa (yes, really)
More information about the Comp.unix.wizards
mailing list