version 1.4, 2016/09/12 01:22:38 |
version 1.5, 2020/10/18 11:32:01 |
|
|
* Strictly, we don't need to maintain any state here but we need |
* Strictly, we don't need to maintain any state here but we need |
* to return non-NULL to satisfy the API. |
* to return non-NULL to satisfy the API. |
*/ |
*/ |
debug3("%s: preparing rlimit sandbox", __func__); |
debug3_f("preparing rlimit sandbox"); |
box = xcalloc(1, sizeof(*box)); |
box = xcalloc(1, sizeof(*box)); |
box->child_pid = 0; |
box->child_pid = 0; |
|
|
|
|
rl_zero.rlim_cur = rl_zero.rlim_max = 0; |
rl_zero.rlim_cur = rl_zero.rlim_max = 0; |
|
|
if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1) |
if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1) |
fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s", |
fatal_f("setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s", |
__func__, strerror(errno)); |
strerror(errno)); |
if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1) |
if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1) |
fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s", |
fatal_f("setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s", |
__func__, strerror(errno)); |
strerror(errno)); |
if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1) |
if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1) |
fatal("%s: setrlimit(RLIMIT_NPROC, { 0, 0 }): %s", |
fatal_f("setrlimit(RLIMIT_NPROC, { 0, 0 }): %s", |
__func__, strerror(errno)); |
strerror(errno)); |
} |
} |
|
|
void |
void |
ssh_sandbox_parent_finish(struct ssh_sandbox *box) |
ssh_sandbox_parent_finish(struct ssh_sandbox *box) |
{ |
{ |
free(box); |
free(box); |
debug3("%s: finished", __func__); |
debug3_f("finished"); |
} |
} |
|
|
void |
void |