Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754130AbXJJFoT (ORCPT ); Wed, 10 Oct 2007 01:44:19 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1751504AbXJJFoL (ORCPT ); Wed, 10 Oct 2007 01:44:11 -0400 Received: from hawking.rebel.net.au ([203.20.69.83]:35465 "EHLO hawking.rebel.net.au" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751173AbXJJFoK convert rfc822-to-8bit (ORCPT ); Wed, 10 Oct 2007 01:44:10 -0400 Message-ID: <470C66A6.2060801@davidnewall.com> Date: Wed, 10 Oct 2007 15:14:06 +0930 From: David Newall User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2) Gecko/20070221 SeaMonkey/1.1.1 MIME-Version: 1.0 To: Gustavo Chain CC: linux-kernel@vger.kernel.org Subject: Re: [PATCH] Reserve N process to root References: <20071009194820.6c8d6e8d@0xff.cl> <470C2FA7.5030207@davidnewall.com> <20071010011523.7d6cca12@0xff.cl> In-Reply-To: <20071010011523.7d6cca12@0xff.cl> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 805 Lines: 25 Gustavo Chain wrote: > El Wed, 10 Oct 2007 11:19:27 +0930 > David Newall escribió: > >> Gustavo Chain wrote: >> >>> I think it's necessary to reserve some pids to the super user. >>> 5 must be sufficient. >>> >> Why? (Sorry if I missed something.) >> > > ¿ To prevent a posible DoS ? > That was what I thought you had in mind; it protects from some kind of fork bomb, right? But it doesn't seem useful unless you guarantee having a process already running (with CAP_SYS_ADMIN) *before* the bomb goes off. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/