> The solution I'm looking for here is something like what SCO has in their
> Unix. In other words, ulimit statements in the /etc/profile can be
> circumvented by a regular user, at least by one who has the experience
> and knowledge to be a hacker. I want something that isn't so easily
> circumvented, and the best (only?) place I can think of to put it is in
> the kernel since it handles all memory allocation anyway.
Couldn't you create a custom bash (or whatever) shell that invokes setrlimit
on itself at startup, and assign this as the user's shell? The only way I can
see around this is if you can start programs outside of the shell, either by
hacking the root or via some deamon. If root is secure, and cron and sendmail
are properly dealt with, I'm not sure if there is much of a problem left that
requires kernel intervention.
-- Kenneth Albanowski (kjahds@kjahds.com, CIS: 70705,126)