Re: [PATCH] [request for inclusion] Realtime LSM

From: Matt Mackall
Date: Tue Jan 11 2005 - 17:23:35 EST

Next message: Brian King: "Re: [PATCH 1/1] pci: Block config access during BIST (resend)"
Previous message: Barry K. Nathan: "Re: 2.6.10-mm2: swsusp problem with resuming on batteries (AMD64)"
In reply to: Chris Wright: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Chris Wright: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jan 11, 2005 at 01:42:51PM -0800, Chris Wright wrote:
> > But I'm also still not convinced this policy can't be most flexibly
> > handled by a setuid helper together with the mlock rlimit.
>
> Wait, why can't it be done with (to date fictitious) pam_prio, which
> simply calls sched_setscheduler? It's already privileged while it's
> doing these things...

You certainly do not want to run everything at RT from login on.
That'd be bad.

Also, tying to UIDs rather than (UID, executable) is worrisome as
random_game_with_audio in Gnome might decide it needs RT, much to the
admin's surprise.

--
Mathematics is the supreme nostalgia of our time.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Brian King: "Re: [PATCH 1/1] pci: Block config access during BIST (resend)"
Previous message: Barry K. Nathan: "Re: 2.6.10-mm2: swsusp problem with resuming on batteries (AMD64)"
In reply to: Chris Wright: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Chris Wright: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]