From c009fddfd63ef5d206d01f3620b02f83af7276b6 Mon Sep 17 00:00:00 2001
From: cperciva
Date: Mon, 26 Jul 2004 07:54:39 +0000
Subject: [PATCH] In revision 1.228, I accidentally broke the "total number of processes in the system" resource limit code: When checking if the caller has superuser privileges, we should be checking the *real* user, not the *effective* user. (In general, resource limiting is done based on the real user, in order to avoid resource-exhaustion-by-setuid-program attacks.) Now that a SUSER_RUID flag to suser_cred exists, use it here to return this code to its correct behaviour. Pointed out by: rwatson
---
 sys/kern/kern_fork.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index e42a436feb5b..8ac003d6b76d 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@@ -300,7 +300,8 @@ fork1(td, flags, pages, procp)
 */
 sx_xlock(&allproc_lock);
 uid = td->td_ucred->cr_ruid;
- if ((nprocs >= maxproc - 10 && suser(td) != 0) ||
+ if ((nprocs >= maxproc - 10 &&
+ suser_cred(td->td_ucred, SUSER_RUID) != 0) ||
 nprocs >= maxproc) {
 error = EAGAIN;
 goto fail;
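Review bot: The `suser_cred(td->td_ucred, SUSER_RUID)` condition carries no in-code statement of why the real uid is tested, and the commit message says this same check was already broken once, in revision 1.228, by testing the effective user. The block comment that closes just above `sx_xlock()` begins outside the hunk, so it may already cover this; if it does not, a line such as `/* Privilege is tested against the real uid (SUSER_RUID), not the effective uid, so a setuid program cannot be used to exhaust the process table. */` directly above the `if` would keep a later cleanup from reverting to `suser(td)`. The literal `10` in `maxproc - 10` is also unexplained in the visible lines; a short remark that these slots are held back for the superuser would help, assuming that is its purpose. fork1's body starts and ends outside the hunk.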