Bug#419706: marked as done (setrlimit(RLIMIT_CPUINFO) with zero value doesn't inherit properly across children)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Tue, 27 May 2008 07:52:16 +0000
with message-id <E1K0tyi-0007Sd-Ah@ries.debian.org>
and subject line Bug#419706: fixed in fai-kernels 1.17+etch.18etch2
has caused the Debian Bug report #419706,
regarding setrlimit(RLIMIT_CPUINFO) with zero value doesn't inherit properly across children
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
419706: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=419706
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: submit@bugs.debian.org
• Subject: setrlimit(RLIMIT_CPUINFO) with zero value doesn't inherit properly across children
• From: Micah Cowan <micah@cowan.name>
• Date: Tue, 17 Apr 2007 07:16:25 -0700
• Message-id: <4624D6B9.7050907@cowan.name>

Package: kernel

This is in 2.6.20-3 and (Ubuntu) 2.6.20-15.

Full details may be found on the zsh-workers thread, here:
http://www.zsh.org/mla/workers/2007/msg00200.html

A bug for Ubuntu on launchpad is at
https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.20/+bug/107209

The following behavior was observed:

$ bash -c 'ulimit -t 0; ulimit -Ht; while :; do :; done'
0
Killed
$ bash -c 'ulimit -t 0; ulimit -Ht; (while :; do :; done)'
0
<loops forever>
$ bash -c 'ulimit -St 0; while :; do :; done'
CPU time limit exceeded (core dumped)
$ bash -c 'ulimit -St 0; (while :; do :; done)'
<loops forever>

David Peer suggested:

> but here is one rapid fix that solves the problem.
> 
> (you will not see the new limit of 1 sec but you'll still see it set to 0, but its 1 sec - believe me && try,
> 
> if you want to see it, fork another any shell and you'll see it....bug or feature?!)
> 
> Before the line: *old_rlim = new_rlim;
> 
> add:
> 
> if (resource == RLIMIT_CPU && new_rlim.rlim_cur == 0) {
>            /*
>             * The caller is asking for an immediate RLIMIT_CPU
>             * expiry. But we use the zero value to mean "it was
>             * never set". So let's cheat and make it one second
>             * instead
>             */
>            new_rlim.rlim_cur = 1;
>        }
> 
> You can remove the dumb if statement that does nothing cause the assignment occurs(*old_rlim = new_rlim) before
> 
> so it has no meaning! : if (rlim_cur == 0) {....}
> 
> David

--- End Message ---

--- Begin Message ---

• To: 419706-close@bugs.debian.org
• Subject: Bug#419706: fixed in fai-kernels 1.17+etch.18etch2
• From: dann frazier <dannf@debian.org>
• Date: Tue, 27 May 2008 07:52:16 +0000
• Message-id: <E1K0tyi-0007Sd-Ah@ries.debian.org>

Source: fai-kernels
Source-Version: 1.17+etch.18etch2

We believe that the bug you reported is fixed in the latest version of
fai-kernels, which is due to be installed in the Debian FTP archive:

fai-kernels_1.17+etch.18etch2.dsc
  to pool/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2.dsc
fai-kernels_1.17+etch.18etch2.tar.gz
  to pool/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2.tar.gz
fai-kernels_1.17+etch.18etch2_i386.deb
  to pool/main/f/fai-kernels/fai-kernels_1.17+etch.18etch2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 419706@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
dann frazier <dannf@debian.org> (supplier of updated fai-kernels package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 21 Apr 2008 22:30:26 -0600
Source: fai-kernels
Binary: fai-kernels
Architecture: source i386
Version: 1.17+etch.18etch2
Distribution: stable-security
Urgency: high
Maintainer: Holger Levsen <holger@debian.org>
Changed-By: dann frazier <dannf@debian.org>
Description: 
 fai-kernels - special kernels for FAI (Fully Automatic Installation)
Closes: 419706
Changes: 
 fai-kernels (1.17+etch.18etch2) stable-security; urgency=high
 .
   * Rebuild against linux-source-2.6.18 (2.6.18.dfsg.1-18etch2):
     * bugfix/powerpc-chrp-null-deref.patch
       [SECURITY][powerpc] Fix NULL pointer dereference if get_property
       fails on the subarchitecture
       See CVE-2007-6694
     * bugfix/mmap-VM_DONTEXPAND.patch
       [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register
       a fault handler but do not bounds check the offset argument
       See CVE-2008-0007
     * bugfix/RLIMIT_CPU-earlier-checking.patch
       [SECURITY] Move check for an RLIMIT_CPU with a value of 0 earlier
       to prevent a user escape (closes: #419706)
       See CVE-2008-1294
     * bugfix/dnotify-race.patch
       [SECURITY] Fix a race in the directory notify
       See CVE-2008-1375
       This patch changes the ABI
     * Bump ABI to 7.
Files: 
 6f6faa132a53e808bcc61823d140290a 740 admin extra fai-kernels_1.17+etch.18etch2.dsc
 0a46d75b3ced870a96ea41b900f1ecaa 55185 admin extra fai-kernels_1.17+etch.18etch2.tar.gz
 0ce72fa3c9dfd208b1afa6912ffbcc3d 5518204 admin extra fai-kernels_1.17+etch.18etch2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIDXDXhuANDBmkLRkRAhG5AJ0cKDVFBdGxV7s0ox9lOqHr+T579gCfaGrU
rb2kYhB4vePypYS+p0Q3zmE=
=QcNl
-----END PGP SIGNATURE-----

--- End Message ---