Re: [RFD] 'nice' attribute for executable files

From: Wiktor
Date: Wed Mar 30 2005 - 11:05:30 EST

Next message: DervishD: "linux-libc-headers scsi headers vs libc scsi headers"
Previous message: Linus Torvalds: "Re: i386/x86_64 segment register issuses (Re: PATCH: Fix x86 segmentregister access)"
In reply to: Bodo Eggert: "Re: [RFD] 'nice' attribute for executable files"
Next in thread: Måns Rullgård: "Re: [RFD] 'nice' attribute for executable files"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Bodo Eggert wrote:

Wiktor <victorjan@xxxxxxxxxxxxxx> wrote:
so i thought that it would be nice to add an attribute to file
(changable only for root) that would modify nice value of process when
it starts. if there is one byte free in ext2/3 file metadata, maybe it
could be used for that? i think that it woundn't be more dangerous than
setuid bit.

I guess there should be a maximum renice value ulimit instead, which would
allow running allmost any user task on a higher nice level, except the
important stuff, with the additional benefit of being able to temporarily
renice some tasks until the more important work is done.

I remember something similar being discussed for realtime tasks, but I don't
remember the outcome.

my xmms problem is unimportant here, i've posted this thread to propose some new feature in filesystem, not to solve problem with multimedia player!

max renice ulimit is quite good idea, but it allows to change nice of *any* process user has permissions to. it could be implemented also, but the idea of 'nice' file attribute is to allow *only* some process be run with lower nice. what's more, that nice would be *always* the same (at process startup)!
example:
web server runs as user www. it spawns perl interpreter that root wants to be run with lower nice, but he doesn't want to allow 'www' user to renice *any* process (for eg. this user is shared with webmaster, and webmaster is malicious person; i know, the webmaster could have another accout, but maybe for some file-ownership reasons, root doesn't want to create special account for him).
in this situation, setting nice-attribute for /usr/bin/perl solves the problem. remember, that this feature would also provide an easy way to increase nice level. it can be done with shell script, but setting nice value in file attributes is cleaner and easier to manage.

could it be implemented in some near future? thx for replies.

--
wixor
May the Source be with you.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: DervishD: "linux-libc-headers scsi headers vs libc scsi headers"
Previous message: Linus Torvalds: "Re: i386/x86_64 segment register issuses (Re: PATCH: Fix x86 segmentregister access)"
In reply to: Bodo Eggert: "Re: [RFD] 'nice' attribute for executable files"
Next in thread: Måns Rullgård: "Re: [RFD] 'nice' attribute for executable files"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]