exec: Use sane stack rlimit under secureexec
For a secureexec, before memory layout selection has happened, reset the stack rlimit to something sane to avoid the caller having control over the resulting layouts. $ ulimit -s 8192 $ ulimit -s unlimited $ /bin/sh -c 'ulimit -s' unlimited $ sudo /bin/sh -c 'ulimit -s' 8192 Cc: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: NKees Cook <keescook@chromium.org> Reviewed-by: NJames Morris <james.l.morris@oracle.com> Acked-by: NSerge Hallyn <serge@hallyn.com>
Showing
想要评论请 注册 或 登录