From: Todd C. Miller <Todd.Miller@sudo.ws>
Date: Mon, 7 Jan 2019 16:38:03 +0000 (-0700)
Subject: Fix the default nofiles and stack hard limits.
X-Git-Tag: SUDO_1_8_27^2~2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f7d7a9a6196937c88588956d5b8dfcfbbe0b4fba;p=sudo

Fix the default nofiles and stack hard limits.
The table of default hard limits in /etc/security/limits was out
of date with respect to the current documentation.  The default
hard limit for nofiles should be unlimited, not 8196.  The default
hard limit for stack should be 4194304 blocks (which fits in an
unsigned long on 32-bit platforms).
---

diff --git a/lib/util/aix.c b/lib/util/aix.c
index a8bbff19d..137de231b 100644
--- a/lib/util/aix.c
+++ b/lib/util/aix.c
@@ -112,21 +112,14 @@ aix_setlimits(char *user)
 		continue;
 	    rlim.rlim_cur = val == -1 ? RLIM64_INFINITY : (rlim64_t)val * aix_limits[n].factor;
 
-	    /* Set hard limit as per table in /etc/security/limits. */
+	    /* Set default hard limit as per limits(4). */
 	    switch (aix_limits[n].resource) {
 		case RLIMIT_CPU:
 		case RLIMIT_FSIZE:
 		    rlim.rlim_max = rlim.rlim_cur;
 		    break;
 		case RLIMIT_STACK:
-#ifdef HAVE_SETRLIMIT64
-		    rlim.rlim_max = 8388608ULL * aix_limits[n].factor;
-#else
-		    rlim.rlim_max = RLIM_SAVED_MAX;
-#endif
-		    break;
-		case RLIMIT_NOFILE:
-		    rlim.rlim_max = 8196 * aix_limits[n].factor;
+		    rlim.rlim_max = 4194304UL * aix_limits[n].factor;
 		    break;
 		default:
 		    rlim.rlim_max = RLIM64_INFINITY;