Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262216AbVAYWrJ (ORCPT ); Tue, 25 Jan 2005 17:47:09 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262217AbVAYWpe (ORCPT ); Tue, 25 Jan 2005 17:45:34 -0500 Received: from 209-166-240-202.cust.walrus.com ([209.166.240.202]:49628 "EHLO ti41.telemetry-investments.com") by vger.kernel.org with ESMTP id S262212AbVAYWoi (ORCPT ); Tue, 25 Jan 2005 17:44:38 -0500 Date: Tue, 25 Jan 2005 17:44:37 -0500 From: "Bill Rugolsky Jr." To: Chris Wright Cc: Ingo Molnar , "Jack O'Quin" , Paul Davis , Con Kolivas , linux , rlrevell@joe-job.com, CK Kernel , utz , Andrew Morton , alexn@dsv.su.se, Rui Nuno Capela , Arjan van de Ven , Nick Piggin Subject: Re: [patch, 2.6.11-rc2] sched: /proc/sys/kernel/rt_cpu_limit tunable Message-ID: <20050125224437.GA19035@ti64.telemetry-investments.com> Mail-Followup-To: "Bill Rugolsky Jr." , Chris Wright , Ingo Molnar , Jack O'Quin , Paul Davis , Con Kolivas , linux , rlrevell@joe-job.com, CK Kernel , utz , Andrew Morton , alexn@dsv.su.se, Rui Nuno Capela , Arjan van de Ven , Nick Piggin References: <87hdl940ph.fsf@sulphur.joq.us> <20050124085902.GA8059@elte.hu> <20050124125814.GA31471@elte.hu> <87k6q2umla.fsf@sulphur.joq.us> <20050125083724.GA4812@elte.hu> <87oefdfaxp.fsf@sulphur.joq.us> <20050125214900.GA9421@elte.hu> <20050125135508.A24171@build.pdx.osdl.net> <20050125215758.GA10811@elte.hu> <20050125140302.C24171@build.pdx.osdl.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050125140302.C24171@build.pdx.osdl.net> User-Agent: Mutt/1.4.1i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1200 Lines: 23 On Tue, Jan 25, 2005 at 02:03:02PM -0800, Chris Wright wrote: > * Ingo Molnar (mingo@elte.hu) wrote: > > did that thread go into technical details? There are some rlimit users > > that might not be prepared to see the rlimit change under them. The > > RT_CPU_RATIO one ought to be safe, but generally i'm not so sure. > > Not really. I mentioned the above, as well as the security concern. > Right now, at least the task_setrlimit hook would have to change to take > into account the task. And I never convinced myself that async changes > would be safe for each rlimit. As was mentioned, but not discussed, in the /proc//rlimit thread, it is not difficult to envision conditions where setrlimit() on another process could make exploiting an application bug much easier, by, e.g., setting number of open files ridiculously low. So IMHO, it ought require privileges similar to ptrace() to change some, if not all, of the rlimits. Bill Rugolsky - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/