summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Covener <covener@apache.org>2010-12-04 16:06:29 +0100
committerEric Covener <covener@apache.org>2010-12-04 16:06:29 +0100
commit49bd9d3de10cc11e8b5733c6d7f9fa673eafde91 (patch)
treed96e5aa064f0c19f458f7c50fe01232f4d1227fa
parentAdd support for RLimit* in mod_cgid. PR 42135. (diff)
downloadapache2-49bd9d3de10cc11e8b5733c6d7f9fa673eafde91.tar.xz
apache2-49bd9d3de10cc11e8b5733c6d7f9fa673eafde91.zip
Per the existing comment and setrlimit() behavior -- only prevent attempts to
raise the hard limit, not to lower it, by nonroot users. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1042198 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r--os/unix/unixd.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/os/unix/unixd.c b/os/unix/unixd.c
index 6e2f4f9082..e8677d1383 100644
--- a/os/unix/unixd.c
+++ b/os/unix/unixd.c
@@ -95,10 +95,13 @@ AP_DECLARE(void) ap_unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit,
/* if we aren't running as root, cannot increase max */
if (geteuid()) {
limit->rlim_cur = cur;
- if (max) {
+ if (max && (max > limit->rlim_max)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, cmd->server,
"Must be uid 0 to raise maximum %s", cmd->cmd->name);
}
+ else if (max) {
+ limit->rlim_max = max;
+ }
}
else {
if (cur) {