Re: Some questions about linux kernel.

From: Khimenko Victor (khim@sch57.msk.ru)
Date: Sat Mar 11 2000 - 11:19:46 EST

Next message: Adam: "Re: 2.3.51: ip_finish_output: bad owned skb = c3737480"
Previous message: Stephen Frost: "Re: 2.3.51: ip_finish_output: bad owned skb = c3737480"
Next in thread: Rik van Riel: "Re: Some questions about linux kernel."
Reply: Rik van Riel: "Re: Some questions about linux kernel."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In <028c01bf8b6e$fd83cd00$161b10d4@olymp> Peter Zaitsev (pz@spylog.ru) wrote:

>> Hello,
>> you might want to check out pam. It has a file under /etc/security called
>> limits.conf. This will allow you to put per user/ per group or default
>> limits on many system resource, such as memory, and the number of
> processes.
>> If you take your code above and put a while (true) {fork()}; without any
>> limits placed here your system will die, also.

> Well. I know that but this seems to be just a work around. The system should
> not die because of usual users things.
> Fork won't help as user only have up to 256 proceses by default.
> The problem with memory is really importand. The limits - for example I
> have 512MB+1GB of swap - so if I limit users memory to 512MB he will not be
> upset much and I'll have the system protected. But if 4 different users will
> run such stuff the system will die. I can limit this to user groups - the
> same result will be if users are from different groups. So you have to
> trouble a lot to make a work around, and so the problem has to be solved
> anyway. I know it's solved in solaris 2.6 as I wrote in OS/2 and even in
> Windows NT. But not in linux :(
> So I'm wondering if 2.4 will have something inside to avoid such situations.

Ok. This discussion is serveral YEARS old. So do not hold you breath.
There were lots and lots of discussion about this and fewdifferent patches
are floating around for ages (in 2.2.15pre some OOM patches was tried;
perhaps 2.2.15 will include one of them). But ALL patches are designed to help
in case of run-away process and NOT protect against malicious user.

P.S. Of course if you'll be able to cook up patch and solve this outstanding
problem still not solved after few years of exercises by Linux's memory
wizards you are welcome. Just don't think it's so easy :-(

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Adam: "Re: 2.3.51: ip_finish_output: bad owned skb = c3737480"
Previous message: Stephen Frost: "Re: 2.3.51: ip_finish_output: bad owned skb = c3737480"
Next in thread: Rik van Riel: "Re: Some questions about linux kernel."
Reply: Rik van Riel: "Re: Some questions about linux kernel."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Mar 15 2000 - 21:00:19 EST