In revision 1.228, I accidentally broke the "total number of processes in

the system" resource limit code: When checking if the caller has superuser
privileges, we should be checking the *real* user, not the *effective*
user.  (In general, resource limiting is done based on the real user, in
order to avoid resource-exhaustion-by-setuid-program attacks.)

Now that a SUSER_RUID flag to suser_cred exists, use it here to return
this code to its correct behaviour.

Pointed out by:	rwatson
This commit is contained in:
Colin Percival 2004-07-26 07:54:39 +00:00
parent d8a720f9ec
commit 66d5c640fa

View File

@ -300,7 +300,8 @@ fork1(td, flags, pages, procp)
*/
sx_xlock(&allproc_lock);
uid = td->td_ucred->cr_ruid;
if ((nprocs >= maxproc - 10 && suser(td) != 0) ||
if ((nprocs >= maxproc - 10 &&
suser_cred(td->td_ucred, SUSER_RUID) != 0) ||
nprocs >= maxproc) {
error = EAGAIN;
goto fail;