(C News) (u)limit filesize and inews

[Tony Luck]

>>trouble coping with such stupid impositions.  It would make a whole lot
>>more sense if the kernel disabled such limits for setuid programs.  The
>>list of things that setuid programs have to worry about is already
>>excessively long; we don't need gratuitous additions to it courtesy of
>>stupid implementors.

System V Release 4.0 does exactly this ... the exec code will reset all
resource limits back to the system defaults (the versions that I have been
near avoid reducing any limit). I haven't seen this documented anywhere
though. Administrators who rely on setting a high limit, and lowering it
in /etc/profile for certain clases of users may be surprised that users
can bypass the limits ... if two of them cooperate and give each other setuid
programs.

-Tony Luck <aegl at unisoft.com>