On Wed, 15 Mar 2000, Mitchell Blank Jr wrote:
> > > People have actually tried this and my patch seems to
> > > catch the hog just fine :)
> >
> > Any sufficiently well-coded bomb is indistinguishable from an innocent
> > unattended package :-)
>
> Which is why the solution is two-part:
> * An OOM killer good enough to handle the "some process went insane"
> case. From all accounts, Rik's patch does this well.
> * Comprehensive per-uid resource accounting (the beancounting work)
> to guard against malicious users. This would be great for 2.5
> (but, of course, that was said about 2.3 as well..) A full
> implementation would also fix DoSes against users using kernel
> memory (network buffers, page table mappings) which is a lot
> nastier than simple VM exhaustion.
Yes, this would be nice... ISTR someone said they were working on
something similar??
James.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Mar 23 2000 - 21:00:19 EST