| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 21 Jul 2014 08:49:58 -0400 From: Tejun Heo <tj@...nel.org> To: Vladimir Davydov <vdavydov@...allels.com> Cc: Michal Hocko <mhocko@...e.cz>, Johannes Weiner <hannes@...xchg.org>, linux-mm@...ck.org, LKML <linux-kernel@...r.kernel.org>, Hugh Dickins <hughd@...gle.com>, Greg Thelen <gthelen@...gle.com>, Glauber Costa <glommer@...il.com>, Andrew Morton <akpm@...ux-foundation.org>, KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>, KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com> Subject: Re: [RFC PATCH] memcg: export knobs for the defaul cgroup hierarchy On Mon, Jul 21, 2014 at 04:03:32PM +0400, Vladimir Davydov wrote: > I think it's all about how we're going to use memory cgroups. If we're > going to use them for application containers, there's simply no such > problem, because we only want to isolate a potentially dangerous process > group from the rest of the system. If we want to start a fully > virtualized OS inside a container, then we certainly need a kind of For shell environments, ulimit is a much better specific protection mechanism against fork bombs and process-granular OOM killers would behave mostly equivalently during fork bombing to the way it'd behave in the host environment w/o cgroups. I'm having a hard time seeing why this would need any special treatment from cgroups. Thanks. -- tejun -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists