diff options
author | Eric Covener <covener@apache.org> | 2010-12-04 16:06:29 +0100 |
---|---|---|
committer | Eric Covener <covener@apache.org> | 2010-12-04 16:06:29 +0100 |
commit | 49bd9d3de10cc11e8b5733c6d7f9fa673eafde91 (patch) | |
tree | d96e5aa064f0c19f458f7c50fe01232f4d1227fa | |
parent | Add support for RLimit* in mod_cgid. PR 42135. (diff) | |
download | apache2-49bd9d3de10cc11e8b5733c6d7f9fa673eafde91.tar.xz apache2-49bd9d3de10cc11e8b5733c6d7f9fa673eafde91.zip |
Per the existing comment and setrlimit() behavior -- only prevent attempts to
raise the hard limit, not to lower it, by nonroot users.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1042198 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | os/unix/unixd.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/os/unix/unixd.c b/os/unix/unixd.c index 6e2f4f9082..e8677d1383 100644 --- a/os/unix/unixd.c +++ b/os/unix/unixd.c @@ -95,10 +95,13 @@ AP_DECLARE(void) ap_unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit, /* if we aren't running as root, cannot increase max */ if (geteuid()) { limit->rlim_cur = cur; - if (max) { + if (max && (max > limit->rlim_max)) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, cmd->server, "Must be uid 0 to raise maximum %s", cmd->cmd->name); } + else if (max) { + limit->rlim_max = max; + } } else { if (cur) { |