Some questions about limits.conf and suid.

From: Sukbum Hong (antihong@tt.co.kr)
Date: 08/20/01 

Message-ID: <002301c12972$fee95680$2e402fd3@tt.co.kr>
From: "Sukbum Hong" <antihong@tt.co.kr>
To: <focus-linux@lists.securityfocus.com>
Subject: Some questions about limits.conf and suid.
Date: Mon, 20 Aug 2001 21:24:01 +0900

Hello, all.

I have two questions about linux security.


(1) Anyone who knows the difference between two permissions?
     First is 4411 and second is 4511.
     and they have no difference using as I know.

-r-S--x--x 1 root root 13536 /usr/bin/passwd
-r-s--x--x 1 root root 13536 /usr/bin/passwd


(2) According to the lots of manuals, when one would like to limit user's
     available resources (memory, process etc...) , he should edit the
    /etc/pam.d/login file and add the following line to the bottom of the file:

                session required /lib/security/pam_limits.so

    and setup like this in /etc/security/limits.conf file.


               * hard rss 5000
  
  as you know, this means "restrict memory usage just to 5M for the non-root user.
  But it doesn't work well as I test. I coded some script which use all available memory.
  When I execute that script in non-root user, the script use all memory(over 200M) though
  I restricted just 5M like above.
  But "ulimit" command is works well.
  What's the problem?


Thanks in advance.


 Regards.


 

Relevant Pages

  • Re: cant get access to disk share when connecting from a remote s
    ... The systems are DUTs. ... for each of the drives within the system. ... Everything in the scripts work except the file permissions below the shares ... the shares on the DUTs manually, after they run my rename script, but I would ...
    (microsoft.public.windows.server.scripting)
  • Re: VBA Script to Read WMP 11 Database
    ... The script failed on the desktop when I downloaded WMP11, ... Just reviewing the bidding -- WMP 11 responds properly to commands in a VBS ... That's why the computer wouldn't let me manually change the permissions. ... Digital Media MVP: 2004-2007 ...
    (microsoft.public.windowsmedia)
  • Re: VBA Script to Read WMP 11 Database
    ... The script failed on the desktop when I downloaded WMP11, ... Just reviewing the bidding -- WMP 11 responds properly to commands in a VBS ... That's why the computer wouldn't let me manually change the permissions. ... The CREATOR OWNER is likely on windows to be one of the admin accounts ...
    (microsoft.public.windowsmedia)
  • Re: how to restrict users to search in their own Organizational Unit
    ... will be given the necessary permissions. ... Who would you DENY? ... decided a script can make it possible to accomplish, ... If I need to create a security group per OU and then add all users ...
    (microsoft.public.windows.server.active_directory)
  • Re: Script to Copy Files from a Share to a Client Not Working
    ... regardless of the value of overwrite. ... I have the permissions applied now, ... The script is in place and is executing as ... > The copy is instructing the file located on a SERVER to ...
    (microsoft.public.windows.server.active_directory)