> On Mon, 18 Mar 1996, Kenneth Albanowski wrote:
>
> > on itself at startup, and assign this as the user's shell? The only way I can
> > see around this is if you can start programs outside of the shell, either by
> > hacking the root or via some deamon. If root is secure, and cron and sendmail
> > are properly dealt with, I'm not sure if there is much of a problem left that
> > requires kernel intervention.
>
> Yes, setrlimit calls which set the `hard' limit values should be able to do
> this. But the place to do it is in your login.c, and probably in `su'....
> Alan Cox suggests there's an alternate login.c floating around Sunsite that
> does this. It seems to me that BSD has a format for various /etc/passwd
> fields that enforce these limits for the various resources, though I don't
> know if that alternate login.c uses said format. Seems to me this would be
> a very good project for an ISP, if there's nothing readily available....
There is a de-facto standard for resource limits per user. I believe
that you are correct in that it is associated with the BSD
implementations of UNIX. This information is stored with the gecos
field in the /etc/passwd entry. The current passwd.h file has
references to the limit field, but is marked 'for future use'.
Perhaps this is the place to start. You would, of course, have to
modify the *pwent functions in the libc to decode/preserve/encode the
fields.
I believe that the shadow password login program has support for
setting the entries in the operating system. You may wish to examine
this program for a suitable guide for the non-shadow versions.