Re: Some questions about linux kernel.

• Next message: Mr. James W. Laferriere: "Re: ver_linux script"
• Previous message: Dunlap, Randy: "RE: USB under /proc"
• In reply to: James Sutherland: "Re: Some questions about linux kernel."
• Next in thread: Michael Bacarella: "Better user limits (Re: Some questions about linux kernel)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > People have actually tried this and my patch seems to
> > catch the hog just fine :)
>
> Any sufficiently well-coded bomb is indistinguishable from an innocent
> unattended package :-)

Which is why the solution is two-part:
  * An OOM killer good enough to handle the "some process went insane"
    case. From all accounts, Rik's patch does this well.
  * Comprehensive per-uid resource accounting (the beancounting work)
    to guard against malicious users. This would be great for 2.5
    (but, of course, that was said about 2.3 as well..) A full
    implementation would also fix DoSes against users using kernel
    memory (network buffers, page table mappings) which is a lot
    nastier than simple VM exhaustion.

-Mitch

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Mr. James W. Laferriere: "Re: ver_linux script"
• Previous message: Dunlap, Randy: "RE: USB under /proc"
• In reply to: James Sutherland: "Re: Some questions about linux kernel."
• Next in thread: Michael Bacarella: "Better user limits (Re: Some questions about linux kernel)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Mar 15 2000 - 21:00:30 EST