Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 12 Jun 2011 17:12:24 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: kernel-hardening@...ts.openwall.com
Subject: Re: rlimit_nproc check

Solar,

On Sun, Jun 12, 2011 at 06:28 +0400, Solar Designer wrote:
> As an option, you could propose to revert that 8-year old change and
> introduce the check on execve().  Unrealistic?

I've started a separate thread on LKML for it, we'll see ;)

> Oh, by the way, here's what I found:
> 
> Subject: [PATCH] sched: Don't allow setuid to succeed if the user does not have rt bandwidth
> http://lists.openwall.net/linux-kernel/2009/02/27/177

Yeah, but it was removed in 7c9414385ebfdd87cc542d4e7e3bb0dbb2d3ce25 as
a "2.6.34 scheduled cleanup".


Thanks,

-- 
Vasiliy

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ