Re: [PATCH] [request for inclusion] Realtime LSM

From: Jack O'Quin
Date: Tue Mar 08 2005 - 00:31:44 EST

Next message: Trond Myklebust: "Re: NFS client bug in 2.6.8-2.6.11"
Previous message: Greg KH: "Re: [PATCH] Restore PWC driver"
In reply to: Jack O'Quin: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrew Morton <akpm@xxxxxxxx> writes:

> Matt Mackall <mpm@xxxxxxxxxxx> wrote:
>>
>> I think Chris Wright's last rlimit patch is more sensible and ready to
>> go.
>
> I must say that I like rlimits - very straightforward, although somewhat
> awkward to use from userspace due to shortsighted shell design.
>
> Does anyone have serious objections to this approach?

1. is likely to introduce multiuser system security holes like the one
created recently when the mlock() rlimits bug was fixed (DoS attacks)

2. requires updates to all the shells

3. forces Windows and Mac musicians to learn and understand PAM

4. is undocumented and has never been tested in any real music studios

--
joq
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Trond Myklebust: "Re: NFS client bug in 2.6.8-2.6.11"
Previous message: Greg KH: "Re: [PATCH] Restore PWC driver"
In reply to: Jack O'Quin: "Re: [PATCH] [request for inclusion] Realtime LSM"
Next in thread: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]