On Tue, 18 Jul 2017, Kees Cook wrote: > For a secureexec, before memory layout selection has happened, reset the > stack rlimit to something sane to avoid the caller having control over > the resulting layouts. > > $ ulimit -s > 8192 > $ ulimit -s unlimited > $ /bin/sh -c 'ulimit -s' > unlimited > $ sudo /bin/sh -c 'ulimit -s' > 8192 > > Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> Reviewed-by: James Morris <james.l.morris@xxxxxxxxxx> -- James Morris <jmorris@xxxxxxxxx>
