[patch] lockf(3) user-exploitable kernel panic
Brian F. Feldman
green at freebsd.org
Thu Apr 15 07:53:31 PDT 2004
"dodell at sitetronics.com" <dodell at sitetronics.com> wrote:
> >> sh has been fixed. I was under the impression that csh used libutil for
> >> this (libutil has been fixed). I'll take a deeper look into shells in
> >> base and in ports and figure out what changes I need to make there.
> >> While I'm at it, I don't think it'd be a bad idea to go ahead and build
> >> in the RLIMIT_SBSIZE to bash and bash2.
> >
> >If it is easy, it might be worthwhile to patch the shells to use
> >libutil and submit those patches back to the maintainers.
>
> There are a huge number of shells to do this with. This subsystem
> looks like somewhat of a kludge to me in this respect; the
> functionality is plainly provided in libutil, while every shell (sh
> and tcsh included) have their own implementations. limits(1)
> even has statically compiled information about the limits for
> every shell it is aware of (including sh, csh, tcsh, bash/bash2
> and a good few others). I'll take a look at these later.
Thanks for doing this work, Devon! The most important part is for
/etc/login.conf to allow you to configure the maximum limits -- all the
shell stuff is really secondary.
--
Brian Fundakowski Feldman \'[ FreeBSD ]''''''''''\
<> green at FreeBSD.org \ The Power to Serve! \
Opinions expressed are my own. \,,,,,,,,,,,,,,,,,,,,,,\
More information about the freebsd-arch
mailing list