Jan R_korajski writes:
> Why is RLIMIT_NPROC apllied to root(uid 0) processes? It's not kernel job to
> prevent admin from shooting him/her self in the foot.
> - if (atomic_read(&p->user->processes) >= p->rlim[RLIMIT_NPROC].rlim_cur)
By default, root has no real process limits anyways, so this test should
always succeed. However, it would be nice to be _able_ to set process
limits on root for one reason or another. Also, as we move towards more
secure systems, it is bad (IMHO) to special case root (uid=0) cases.
It just makes more to fix to get a system where root != god.
> root should be able to do fork() regardless of any limits,
> and IMHO the following patch is the right thing.
Then set the rlim_cur to unlimited, and blow your system up as you like.
Cheers, Andreas
--
Andreas Dilger \ "If a man ate a pound of pasta and a pound of antipasto,
\ would they cancel out, leaving him still hungry?"
http://www-mddsp.enel.ucalgary.ca/People/adilger/ -- Dogbert
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Nov 30 2000 - 21:00:20 EST