From cea6c30b8273e28e3d964e9e3f15da3afc960b8e Mon Sep 17 00:00:00 2001
From: Timo Sirainen <tss@iki.fi>
Date: Sun, 27 Apr 2003 04:21:50 +0300
Subject: [PATCH] Moved setting process limit after exec().

--HG--
branch : HEAD
---
 src/login-common/main.c    | 4 ++++
 src/master/login-process.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/login-common/main.c b/src/login-common/main.c
index fffdc2c96f..ae1bff3f7e 100644
--- a/src/login-common/main.c
+++ b/src/login-common/main.c
@@ -4,6 +4,7 @@
 #include "ioloop.h"
 #include "lib-signals.h"
 #include "restrict-access.h"
+#include "restrict-process-size.h"
 #include "process-title.h"
 #include "fd-close-on-exec.h"
 #include "auth-connection.h"
@@ -129,6 +130,9 @@ static void open_logfile(const char *name)
 
 static void drop_privileges(const char *name)
 {
+	/* make sure we can't fork() */
+	restrict_process_size((unsigned int)-1, 0);
+
 	/* Log file or syslog opening probably requires roots */
 	open_logfile(name);
 
diff --git a/src/master/login-process.c b/src/master/login-process.c
index 09dbd6ba93..4e91dd9950 100644
--- a/src/master/login-process.c
+++ b/src/master/login-process.c
@@ -479,7 +479,7 @@ static pid_t create_login_process(struct login_group *group)
 			i_fatal("chdir(%s) failed: %m", set->login_dir);
 	}
 
-	restrict_process_size(group->set->process_size, 0);
+	restrict_process_size(group->set->process_size, (unsigned int)-1);
 
 	/* make sure we don't leak syslog fd, but do it last so that
 	   any errors above will be logged */
-- 
2.47.3