[sudo-users] uid switching vs resource limits
Todd C. Miller
Todd.Miller at courtesan.com
Fri Jun 12 09:56:27 MDT 2015
On Fri, 12 Jun 2015 09:34:59 -0600, "Todd C. Miller" wrote:
> I've been trying to reproduce this on Debian 8 using 1.8.10p3-1+deb8u2
> but I get the same behavior you report for 1.8.5. I've tried
> reducing the nproc limit further but in each instance if I can run
> a command via bash without hitting the limit I can run it via sudo
> too.
Apparently the behavior was removed in Linux 3.1, which explains
why I couldn't reproduce it.
EAGAIN uid does not match the real user ID of the caller and
this call would bring the number of processes belonging
to the real user ID uid over the caller's RLIMIT_NPROC
resource limit. Since Linux 3.1, this error case no
longer occurs (but robust applications should check for
this error); see the description of EAGAIN in execve(2).
My test VM is Debian 8.1 with the following kernel:
Linux deb8 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt11-1 (2015-05-24) x86_64 GNU/Linux
- todd
More information about the sudo-users
mailing list