projects
/
gruntmaster-daemon.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
c2af033
)
Limit user programs to one process
author
Marius Gavrilescu
<marius@ieval.ro>
Fri, 30 Jan 2015 11:57:56 +0000
(13:57 +0200)
committer
Marius Gavrilescu
<marius@ieval.ro>
Fri, 30 Jan 2015 11:57:56 +0000
(13:57 +0200)
gruntmaster-exec
patch
|
blob
|
blame
|
history
diff --git
a/gruntmaster-exec
b/gruntmaster-exec
index e7d7363d4c44308c0622a32e4ecbb7565682c88c..319671e2aa8153e5aa88bca254618616ed2bf491 100755
(executable)
--- a/
gruntmaster-exec
+++ b/
gruntmaster-exec
@@
-22,7
+22,7
@@
use constant +{
use constant USER => 65534;
use constant GROUP => 65534;
use constant USER => 65534;
use constant GROUP => 65534;
-use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE/;
+use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE
RLIMIT_NPROC
/;
use IPC::Signal qw/sig_name sig_num/;
use sigtrap qw/XFSZ/;
use IPC::Signal qw/sig_name sig_num/;
use sigtrap qw/XFSZ/;
@@
-73,6
+73,7
@@
if ($ret) {
%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
+ setrlimit RLIMIT_NPROC, 1, 1 or die $! if $nobody;
POSIX::setgid $nobody ? 65534 : USER;
POSIX::setuid $nobody ? 65534 : GROUP;
exec @ARGV;
POSIX::setgid $nobody ? 65534 : USER;
POSIX::setuid $nobody ? 65534 : GROUP;
exec @ARGV;
This page took
0.010649 seconds
and
4
git commands to generate.