lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 8 Aug 2007 15:49:49 +0400
From:	varg@...or.jinr.ru (Sheplyakov Alexei)
To:	Andi Kleen <andi@...stfloor.org>
Cc:	dragoran <drago01@...il.com>, linux-kernel@...r.kernel.org
Subject: Re: allow non root users to set io priority "idle" ?

On Wed, Aug 08, 2007 at 12:20:56PM +0200, Andi Kleen wrote:

> > I don't quite understand. There are a lot of other ways to starve such
> > high-priority process: 
> > 1. renice the low-priority process
> 
> That requires user action.

As well as lowering IO priority. 

> > 2. send it a signal
> > 3. ptrace it
> 
> Only root can do these.

The original question (unless I'm missing something) was "why _the owner_
of a process is not enabled to lower its IO priority?" The owner of the
process certainly can send signal and ptrace it.

> Low priority as allowed by renice is ok -- the resource holder will 
> run eventually and the system make progress.

System (whatever that means) should not depend on random users' processes.

> e.g. if you google a bit you can find a famous story where the NASA
> had to do that remotely to solve a PI problem on one of the Mars rovers.

Certainly there are a scenarios when lowering priority (CPU or IO) have 
negative effect. "If it hurts -- then don't do it". However, it is not
kernels job to decide if the user is right. If the user asks to do
something "stupid" (run his process with idle IO priority, whipe out his
home directory, you name it) -- just do that (as long as the action is 
permitted by the security policy).

P.S. 
Please CC me, I'm not subscribed.

Best regards,
 Alexei

-- 
All science is either physics or stamp collecting.


Download attachment "signature.asc" of type "application/pgp-signature" (828 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ