Thread (4 messages) 4 messages, 3 authors, 2000-11-16

RE: KPATCH] Reserve VM for root (was: Re: Looking for better VM)

From: Rik van Riel <hidden>
Date: 2000-11-16 16:21:56
Also in: lkml

On Thu, 16 Nov 2000, Szabolcs Szakacsits wrote:

	[snip exploit that really shouldn't take Linux down]
This or something similar didn't kill the box [I've tried all local
DoS from Packetstorm that I could find]. Please send a working
example. Of course probably it's possible to trigger root owned
processes to eat memory eagerly by user apps but that's a problem in
the process design running as root and not a kernel issue.
Not necessarily, but your patch will probably make a difference
for quite a number of people...
If you think fork() kills the box then ulimit the maximum number
of user processes (ulimit -u). This is a different issue and a
bad design in the scheduler (see e.g. Tru64 for a better one).
My fair scheduler catches this one just fine. It hasn't
been integrated in the kernel yet, but both VA Linux and
Conectiva use it in their kernel RPM.
BTW, I have a new version of the patch with that Linux behaves
much better from root's point of view when the memory is more
significantly overcommited. I'll post it if I have time [and
there is interest].
There is interest, believe me ;)

While this is not one of the sexy new kernel
features, this will help quite a few system
administrators and is destined to a long and
healthy life inside kernel RPMs, maybe even
in the main kernel tree (when 2.5 splits?).

regards,

Rik
--
"What you're running that piece of shit Gnome?!?!"
       -- Miguel de Icaza, UKUUG 2000

http://www.conectiva.com/		http://www.surriel.com/

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux.eu.org/Linux-MM/
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help