From a6b04042057cffa40b01bb831c4c1d08604d84f0 Mon Sep 17 00:00:00 2001
From: Marius Gavrilescu <marius@ieval.ro>
Date: Fri, 30 Jan 2015 13:57:56 +0200
Subject: [PATCH] Limit user programs to one process

---
 gruntmaster-exec | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gruntmaster-exec b/gruntmaster-exec
index e7d7363..319671e 100755
--- a/gruntmaster-exec
+++ b/gruntmaster-exec
@@ -22,7 +22,7 @@ use constant +{
 use constant USER => 65534;
 use constant GROUP => 65534;
 
-use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE/;
+use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE RLIMIT_NPROC/;
 use IPC::Signal qw/sig_name sig_num/;
 use sigtrap qw/XFSZ/;
 
@@ -73,6 +73,7 @@ if ($ret) {
 	%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
 	setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
 	setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
+	setrlimit RLIMIT_NPROC, 1, 1 or die $! if $nobody;
 	POSIX::setgid $nobody ? 65534 : USER;
 	POSIX::setuid $nobody ? 65534 : GROUP;
 	exec @ARGV;
-- 
2.30.2