svn commit: r211393 - head/lib/libutil
des at des.no
Mon Aug 16 11:41:10 UTC 2010
Dag-Erling Smorgrav <des at FreeBSD.org> writes:
> In setusercontext(), do not apply user settings unless running as the
> user in question (usually but not necessarily because we were called
> with LOGIN_SETUSER). This plugs a hole where users could raise their
> resource limits and expand their CPU mask.
Note that this commit semi-intentionally introduces another bug: in some
cases, the user's limits will not be applied at all. This is by far the
lesser of two evils, and is easy (albeit time-consuming) to fix.
Dag-Erling Smørgrav - des at des.no
More information about the svn-src-all