exploit the possibilities

login_patch.txt

login_patch.txt
Posted Sep 21, 1999

Patch to util-linux-2.9o login.c (and pathnames.h) that provides a means under Linux (should be pretty portable to other OS's) to set limits for the address space limit

tags | exploit
systems | linux
MD5 | 7676facadad2337f4eaf59bc2ab49c2a

login_patch.txt

Change Mirror Download
diff -ur ./util-linux-2.9o/lib/pathnames.h ./util-linux-2.9o-mp/lib/pathnames.h
--- ./util-linux-2.9o/lib/pathnames.h Sun Oct 11 14:19:16 1998
+++ ./util-linux-2.9o-mp/lib/pathnames.h Wed Jul 14 22:51:13 1999
@@ -86,6 +86,7 @@

#define _PATH_SECURE "/etc/securesingle"
#define _PATH_USERTTY "/etc/usertty"
+#define _PATH_LIMITS "/etc/limits"

#define _PATH_MTAB "/etc/mtab"
#define _PATH_UMOUNT "/bin/umount"
diff -ur ./util-linux-2.9o/login-utils/login.c ./util-linux-2.9o-mp/login-utils/login.c
--- ./util-linux-2.9o/login-utils/login.c Sat Mar 20 14:20:16 1999
+++ ./util-linux-2.9o-mp/login-utils/login.c Wed Jul 14 22:49:24 1999
@@ -185,6 +185,7 @@
char *stypeof P_((char *ttyid));
void checktty P_((char *user, char *tty, struct passwd *pwd));
void sleepexit P_((int eval));
+void setup_limits P_(struct passwd *pwd);
#ifdef CRYPTOCARD
int cryptocard P_((void));
#endif
@@ -1110,6 +1111,8 @@

childArgv[childArgc++] = NULL;

+ setup_limits(pwd);
+
execvp(childArgv[0], childArgv + 1);

if (!strcmp(childArgv[0], "/bin/sh"))
@@ -1120,6 +1123,161 @@

exit(0);
}
+
+/* Most of this code ripped from lshell by Joel Katz */
+void process(char *buf)
+{
+ /* buf is of the form [Fn][Pn][Ct][Vm][Sm][Rm][Lm][Dm] where */
+ /* F specifies n max open files */
+ /* P specifies n max procs */
+ /* c specifies t seconds of cpu */
+ /* C specifies t minutes of cpu */
+ /* v specifies m kbs of total virtual memory (address space) */
+ /* V specifies m megs of total virtual memory (address space) */
+ /* s specifies m kbs of stack */
+ /* S specifies m megs of stack */
+ /* r specifies m kbs of RSS */
+ /* R specifies m megs of RSS */
+ /* l specifies m kbs of locked (non-swappable) memory */
+ /* L specifies m megs of locked (non-swappable) memory */
+ /* d specifies m kbs of Data segment */
+ /* D specifies m megs of Data segment */
+
+ struct rlimit rlim;
+ char *pp = buf;
+ int i;
+
+ while(*pp!=0)
+ {
+ i = 1;
+ switch(*pp++)
+ {
+ case 'f':
+ case 'F':
+ i = atoi(pp);
+ if(!i)
+ break;
+ rlim.rlim_cur = i;
+ rlim.rlim_max = i;
+ setrlimit(RLIMIT_NOFILE, &rlim);
+ break;
+ case 'p':
+ case 'P':
+ i = atoi(pp);
+ if(!i)
+ break;
+ rlim.rlim_cur = i;
+ rlim.rlim_max = i;
+ setrlimit(RLIMIT_NPROC, &rlim);
+ break;
+ case 'C':
+ i = 60;
+ case 'c':
+ i *= atoi(pp);
+ if(!i)
+ break;
+ rlim.rlim_cur = i;
+ rlim.rlim_max = i;
+ setrlimit(RLIMIT_CPU, &rlim);
+ break;
+ case 'V':
+ i = 1024;
+ case 'v':
+ i *= atoi(pp)*1024;
+ if(!i)
+ break;
+ rlim.rlim_cur = i;
+ rlim.rlim_max = i;
+#if defined(RLIMIT_AS) /* Linux */
+ setrlimit(RLIMIT_AS, &rlim);
+#else if defined(RLIMIT_VMEM) /* Irix */
+ setrlimit(RLIMIT_VMEM, &rlim);
+#endif
+ break;
+ case 'S':
+ i = 1024;
+ case 's':
+ i *= atoi(pp)*1024;
+ if(!i)
+ break;
+ rlim.rlim_cur = i;
+ rlim.rlim_max = i;
+ setrlimit(RLIMIT_STACK, &rlim);
+ break;
+ case 'R':
+ i = 1024;
+ case 'r':
+ i *= atoi(pp)*1024;
+ if(!i)
+ break;
+ rlim.rlim_cur = i;
+ rlim.rlim_max = i;
+ setrlimit(RLIMIT_RSS, &rlim);
+ break;
+ case 'L':
+ i = 1024;
+ case 'l':
+ i *= atoi(pp)*1024;
+ if(!i)
+ break;
+ rlim.rlim_cur = i;
+ rlim.rlim_max = i;
+ setrlimit(RLIMIT_MEMLOCK, &rlim);
+ break;
+ case 'D':
+ i = 1024;
+ case 'd':
+ i *= atoi(pp)*1024;
+ if(!i)
+ break;
+ rlim.rlim_cur = i;
+ rlim.rlim_max = i;
+ setrlimit(RLIMIT_DATA, &rlim);
+ break;
+ }
+ }
+}
+
+void setup_limits(struct passwd *pw)
+{
+ FILE *fp;
+ int i;
+ char buf[200], name[20], limits[64];
+ char *p;
+
+ if(pw->pw_uid == 0)
+ {
+ return;
+ }
+
+ if((fp = fopen(_PATH_LIMITS,"r")) == NULL)
+ {
+ return;
+ }
+
+ while(fgets(buf, 200, fp) != NULL)
+ {
+ if(buf[0] == '#')
+ continue;
+
+ p = strchr(buf, '#');
+ if(p)
+ *p = 0;
+
+ i=sscanf(buf, "%s %s", name, limits);
+
+ if(!strcmp(name, pw->pw_name))
+ {
+ if(i==2)
+ process(limits);
+ fclose(fp);
+ return;
+ }
+ }
+ fclose(fp);
+ process(limits); /* Last line is default */
+}
+

void
getloginname()
Login or Register to add favorites

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close