Re: ~/.login_conf mechanism is flawed

jhell <jhell@xxxxxxxxxx> writes:
On the note of using a ~/.login_conf file for setting limits and in this
case increasing them. when they shouldn't be.

I have been using a ~/.login_conf without generating the
~/.login_conf.db through the use of cap_mkdb(1) for quite some time. So
on that, is it really necessary to look for that .db file at all since
~/.login_conf works without it...

It won't make any difference. The problem is that setusercontext()
applies the user's settings even if it's still running as root. I have
a patch, but I need to check that it doesn't break anything.

Dag-Erling Smørgrav - des@xxxxxx
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

Relevant Pages