From 140219250df9955e13341f2a767863d54d60e4f3 Mon Sep 17 00:00:00 2001
From: Michael Neumann <mneumann@ntecs.de>
Date: Wed, 17 Jun 2009 21:18:45 +0200
Subject: [PATCH] priv: Narrow down privileges

---
 sys/kern/kern_plimit.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/sys/kern/kern_plimit.c b/sys/kern/kern_plimit.c
index 4a788af..cff3701 100644
--- a/sys/kern/kern_plimit.c
+++ b/sys/kern/kern_plimit.c
@@ -347,7 +347,8 @@ kern_setrlimit(u_int which, struct rlimit *limp)
         if (limp->rlim_cur > alimp->rlim_max ||
             limp->rlim_max > alimp->rlim_max) {
 		spin_unlock_rd(&limit->p_spin);
-                if ((error = priv_check_cred(p->p_ucred, PRIV_ROOT, PRISON_ROOT)))
+                if ((error = priv_check_cred(p->p_ucred, PRIV_PROC_SETRLIMIT,
+					     PRISON_ROOT)))
                         return (error);
 	} else {
 		spin_unlock_rd(&limit->p_spin);
-- 
1.7.7.2