Re: time limits

Tudor Hulubei (chang!tudor@pub.ro)
Sat, 17 Feb 1996 10:51:34 +0200

>> Much too complicated. I think it will be a lot easier to put the
>> program that should kill sessions in /etc/profile and make it setuid
>> to root.
>
>Don't forget about the users who aren't using /bin/(ba)sh !

What's so special about /bin/(ba)sh ?
>
>Also, having the program suid to root is not enough to guarantee that
>the user can't kill it. Try doing this:
>
>root# cp /usr/bin/sleep /tmp/sleep
>root# chmod 4755 /tmp/sleep
>
>user> /tmp/sleep 600
>
>(switch to another window)
>
>user> ps aux
>[...]
>root 6293 2.0 1.0 25 160 pp8 S 17:22 0:00 /tmp/sleep 600
>[...]
>user> kill -9 6293
>user>

There is *NO WAY* a normal user can kill processes owned by root.
If you will ever do this (correctly) you will get a message telling
you that you are not the owner of the process. If UNIX would that
dumb, I would have switched to ms-dos a long time ago.

Try the sequence you described again and type `id' before issuing the
kill command. If it still works & your id != 0, then there is a bug
in the kernel (which I doubt). In a decently implemented unix system,
this shouldn't be possible.

>One not very obscure reason is that if pid_t is changed, then there
>would be a lot of programs that would break until they were
>recompiled.

I don't think so. pid_t is defined as int. This is from
/usr/include/linux/types.h:

typedef int pid_t;

The kernel defines pid_t as an int as well. However, a mask is used
in the kernel function get_pid() in kernel/fork.c to limit pid numbers
to something between 0 and 32767. I don't know the reason.

Even if programs would break due to this change, (they might assume
the pid is an int < 32767 (not a good idea), this has nothing to do
with my original question. Why having pids < 32768. If pids would
have been implemented as 32 bit integers from the very beginning,
programs wouldn't require recompilation.

>Another reason is: why change what isn't broken? How many people do
>you know who run more than 32000 processes at a time? So what if they
>get reused... just don't go killing processes blindly :).

None. Just me :-). Assume you write a program like this:

int
main()
{
while (1)
if (fork() == 0)
exit(0);
}

In approximately 1 minute, process ids will wrap around. The
get_pid() routine mentioned earlier has to loop through the process
table to find an unused id. If pid_t would have been a 32 bit
integer, it would take an year to wrap arround. Much better/safe.

I still think there should be a reason why this has been implemented
this way, and I have forwarded this message to the linux-kernel
mailing list as this discussion doesn't belong here anymore.

Regards,
Tudor