> According to Alan Cox:
> > I'd like to see per user as well as per process limits for kernel commitment,
> > address space commitment etc.
>
> I'd like to go a bit farther and allow per-group limits on a
> group-by-group basis. IMO, anything we can use in ACLs to control
> access to filesystem resources should also be usable to control
> other resources (like memory).
You don't need kernel support for that, just do it in a PAM module.
As an design example see the 'login classes' concept newer BSDs have,
I assume Linux will get something similar in the near future (especially
because it is very easy to add with PAM). It can be all implemented
completely in user space, given some basic kernel support: the LID with
associated limits as implemented in Alan's experimental patches.
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/