ACE_TAO icon indicating copy to clipboard operation
ACE_TAO copied to clipboard
verified publisher icon DOCGroup

*NIX `ACE_Process::child` is unable to call `setrlimit` after `set*id`

Open likema opened this issue 3 years ago • 0 comments

ACE_Process::child is called after for fork and various set*id on UNIX

If calling setrlimit inside ACE_Process::child, setrlimit might return -1 with errno EPERM because various set*id might limit permissions.

See also: https://github.com/DOCGroup/ACE_TAO/blob/44c80da21fe3daed65ce0b19e47b09ba6aa3f438/ACE/ace/Process.cpp#L383-L444

I suggest that separate the above set*id into a virtual member function named int set_child_uid_gid(ACE_Process_Options&) so that the user can overload it such as

int ...::set_child_uid_gid(ACE_Process_Optioins& opts)
{
    setrlimit ...
    return ACE_Process_Options::set_child_uid_gid(opts);
}

likema avatar Aug 13 '22 04:08 likema