diff options
| author | cperciva <cperciva@FreeBSD.org> | 2004-07-26 07:54:39 +0000 |
|---|---|---|
| committer | cperciva <cperciva@FreeBSD.org> | 2004-07-26 07:54:39 +0000 |
| commit | c009fddfd63ef5d206d01f3620b02f83af7276b6 (patch) | |
| tree | dc6f4afc482f26ab0e86eddb907d8457ab4539ef | |
| parent | 8870a257a7f77ac5deacfef466d514019b65b80c (diff) | |
| download | FreeBSD-src-c009fddfd63ef5d206d01f3620b02f83af7276b6.zip FreeBSD-src-c009fddfd63ef5d206d01f3620b02f83af7276b6.tar.gz | |
In revision 1.228, I accidentally broke the "total number of processes in
the system" resource limit code: When checking if the caller has superuser
privileges, we should be checking the *real* user, not the *effective*
user. (In general, resource limiting is done based on the real user, in
order to avoid resource-exhaustion-by-setuid-program attacks.)
Now that a SUSER_RUID flag to suser_cred exists, use it here to return
this code to its correct behaviour.
Pointed out by: rwatson
| -rw-r--r-- | sys/kern/kern_fork.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index e42a436..8ac003d 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -300,7 +300,8 @@ fork1(td, flags, pages, procp) */ sx_xlock(&allproc_lock); uid = td->td_ucred->cr_ruid; - if ((nprocs >= maxproc - 10 && suser(td) != 0) || + if ((nprocs >= maxproc - 10 && + suser_cred(td->td_ucred, SUSER_RUID) != 0) || nprocs >= maxproc) { error = EAGAIN; goto fail; |
