From: Karel Zak <kzak@redhat.com>
Date: Fri, 1 Oct 2021 12:59:50 +0000 (+0200)
Subject: su: reset RLIMIT_{NICE,RTPRIO} to zero
X-Git-Tag: v2.38-rc1~235
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e549619122b62b587b5aeb1b2ba3ca565010dc6d;p=thirdparty%2Futil-linux.git

su: reset RLIMIT_{NICE,RTPRIO} to zero

Addresses: https://github.com/linux-pam/linux-pam/issues/85
Reported-by: Lennart Poettering <lennart@poettering.net>
Signed-off-by: Karel Zak <kzak@redhat.com>
---

diff --git a/login-utils/runuser.1.adoc b/login-utils/runuser.1.adoc
index ecbc39c34a..f2ca6fc326 100644
--- a/login-utils/runuser.1.adoc
+++ b/login-utils/runuser.1.adoc
@@ -28,6 +28,8 @@ For backward compatibility, *runuser* defaults to not changing the current direc
 
 Note that *runuser* in all cases use PAM (pam_getenvlist()) to do the final environment modification. Command-line options such as *--login* and *--preserve-environment* affect the environment before it is modified by PAM.
 
+Since version 2.38 *runuser* resets process resource limits RLIMIT_NICE and RLIMIT_RTPRIO to zero.
+
 == OPTIONS
 
 *-c*, *--command*=_command_::
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
index afd0ea8ad5..c8eb6cf051 100644
--- a/login-utils/su-common.c
+++ b/login-utils/su-common.c
@@ -36,6 +36,11 @@
 #include <sys/wait.h>
 #include <syslog.h>
 #include <utmpx.h>
+#include <sys/time.h>
+
+#ifdef HAVE_SYS_RESOURCE_H
+# include <sys/resource.h>
+#endif
 
 #ifdef HAVE_PTY
 # include <pty.h>
@@ -954,6 +959,16 @@ static int is_not_root(void)
 	return (uid_t) 0 == ruid && ruid == euid ? 0 : 1;
 }
 
+static void sanitize_prlimits(void)
+{
+#ifdef HAVE_SYS_RESOURCE_H
+	struct rlimit lm = { .rlim_cur = 0, .rlim_max = 0 };
+
+	setrlimit(RLIMIT_NICE, &lm);
+	setrlimit(RLIMIT_RTPRIO, &lm);
+#endif
+}
+
 static gid_t add_supp_group(const char *name, gid_t **groups, size_t *ngroups)
 {
 	struct group *gr;
@@ -1195,6 +1210,8 @@ int su_main(int argc, char **argv, int mode)
 	if (!su->simulate_login || command)
 		su->suppress_pam_info = 1;	/* don't print PAM info messages */
 
+	sanitize_prlimits();
+
 	supam_open_session(su);
 
 #ifdef USE_PTY
diff --git a/login-utils/su.1.adoc b/login-utils/su.1.adoc
index 132c90578e..add7fbb522 100644
--- a/login-utils/su.1.adoc
+++ b/login-utils/su.1.adoc
@@ -29,6 +29,8 @@ This version of *su* uses PAM for authentication, account and session management
 
 Note that *su* in all cases uses PAM (*pam_getenvlist*(3)) to do the final environment modification. Command-line options such as *--login* and *--preserve-environment* affect the environment before it is modified by PAM.
 
+Since version 2.38 *su* resets process resource limits RLIMIT_NICE and RLIMIT_RTPRIO to zero.
+
 == OPTIONS
 
 *-c*, **--command**=__command__::