Limiting stack size in a user shell

Limiting stack size in a user shell

Post by Frank Sweetse » Fri, 06 Feb 1998 04:00:00




Quote:> I wish that a super user can change the stack size limitation
> for general users.  At the moment only in the sueruser shell,
> the superuser can issue

IIRC, putting the appropriate ulimit command in the system login scripts
(/etc/{profile|csh.login}) should enable stack limits, and not allow users
to increase their limits.

--
Frank Sweetser rasmusin at wpi.edu fsweetser at blee.net | PGP key available
paramount.res.wpi.net RH 5.0 kernel 2.0.33/2.1.85   i586 | at public servers
Coach: What would you say to a beer, Normie?
Norm:  Daddy wuvs you.
                -- Cheers, The Mail Goes to Jail

 
 
 

Limiting stack size in a user shell

Post by G. Hugh SO » Sat, 07 Feb 1998 04:00:00


I wish that a super user can change the stack size limitation
for general users.  At the moment only in the sueruser shell,
the superuser can issue

$ ulimit -s unlimited

People are saying that if there is no such stack limit in the
general user's shell, a general user can abuse the whole system.
However, many linux systems are personal workstations.  It is
an even worse situation if a superuser is forced allow a
general user to use a superuser's shell in order him to
allow to increase the stack size limit.

BTW, I don't know where to raise this voice.  If anybody knows
where to send this superuser's setup stuff, please tell me.

Thanks a lot.

--
G. Hugh Song

PS: Sorry for the false email address in the From: field.  Correct address
is given below:

Assoc. Professor
Office: +82-62-970-2210
Departmental fax: -2204

Department of Information and Communications
Kwangju Institute of Science and Technology
572 Ssangam-dong, Kwangsan-gu,
Kwangju, 506-712 South KOREA

 
 
 

Limiting stack size in a user shell

Post by Alan Cur » Sat, 07 Feb 1998 04:00:00





>> I wish that a super user can change the stack size limitation
>> for general users.  At the moment only in the sueruser shell,
>> the superuser can issue

>IIRC, putting the appropriate ulimit command in the system login scripts
>(/etc/{profile|csh.login}) should enable stack limits, and not allow users
>to increase their limits.

That won't work. The user's identity has already been established before the
shell starts, so the shell startup scripts are too late to do things
requiring root privileges. Anything that can be done in /etc/profile can be
done by the user himself. (Note that if you wanted to _lower_ the limits,
that strategy might work, since you don't have to be root to impose a limit
on yourself. But you'd have to change the various startup files for _all_ the
different shells, and besides, the original poster was looking for a way to
_raise_ the limit for certain users.)

The proper place to implement user-specific resource limits is in /bin/login
itself. If you are using the login that comes in the shadow suite, you can
configure them in /etc/limits. If you are not, then wait for the inevitable
followups:

(I'll provide a template)


<That's not the proper place for it at all! shadow suite's login is wrong.
<
<What you really SHOULD do is...
--
Alan Curry
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS d? s++:-- a-- C++ UB+++L++++ P+ L+++>++++ E--- W-- N++ o K? w--- O? M--
V? PS+ PE+ Y+ PGP-(--) t* 5++ X+++ R- tv++ b-- DI- D++ G+++ !e h! r-->+++ y?
------END GEEK CODE BLOCK------

 
 
 

Limiting stack size in a user shell

Post by Kevin Fenz » Sat, 07 Feb 1998 04:00:00


Alan> The proper place to implement user-specific resource limits is
Alan> in /bin/login itself. If you are using the login that comes in
Alan> the shadow suite, you can configure them in /etc/limits. If you
Alan> are not, then wait for the inevitable followups:

Alan> (I'll provide a template)


Alan> proper place for it at all! shadow suite's login is wrong.  <
Alan> <What you really SHOULD do is...  -- Alan Curry -----BEGIN GEEK

Sorry, That template doesn't work for me. ;)

I was going to add that if you are using redhat-5.0 (or an eariler
redhat with a newer pam version), you can use pam for this.

There is a pam module called pam_limits. Add it to your
/etc/pam.d/login file:

session    required     /lib/security/pam_limits.so

then edit /etc/security/limits.conf

It has a number of comments and should be pretty easy to
customize. You can make limits for diffrent groups, users, or
everyone. You can set any limit hard or soft.

enjoy.

kevin
--



 
 
 

1. Is there a stack size limit under UNIX?

I have been working on a software that suddenly stopped working.  I used
xdb to figure where it crashed.  The debugger  couldn't tell it from the
core file.  I rerun the program until it crashed and figured that it was
crashing when returning from a function call that calls other functions.

I figured  that the  return  address  that was  stored in the stack  was
corrupted.  I removed that call and the program start  crashing with the
same reason but when returning from some other function.

The system I am running is HP-UX.  Anybody has any ideas what this maybe
due?  Could  it  be a  problem  related  with  stack  limits  or  shared
libraries?

2. linux and iomega DITTO tapes

3. Stack Size Limit???

4. .cshrc not running

5. Enlarging STACK SIZE limit ?

6. Workshop 6 & sys_errlist

7. Q: How to configure default stack size limit?

8. Installing Solaris 9 from a linux server

9. Stack size limit

10. Hard limit of stack size

11. Increasing stack size limit

12. limit stack size for shared libraries ?

13. Limiting stack size. Whose job is it?