From: Matt Mackall <mpm@selenic.com>
To: Ingo Molnar <mingo@elte.hu>
Cc: Paul Davis <paul@linuxaudiosystems.com>,
Peter Williams <pwil3058@bigpond.net.au>,
Nick Piggin <nickpiggin@yahoo.com.au>,
Chris Wright <chrisw@osdl.org>,
"Jack O'Quin" <jack.oquin@gmail.com>,
Andrew Morton <akpm@osdl.org>,
Christoph Hellwig <hch@infradead.org>,
linux-kernel@vger.kernel.org, Con Kolivas <kernel@kolivas.org>,
rlrevell@joe-job.com
Subject: Re: 2.6.11-rc3-mm2
Date: Fri, 11 Feb 2005 00:25:36 -0800
Message-ID: <20050211082536.GF15058@waste.org>
In-Reply-To: <20050211075417.GA2287@elte.hu>

On Fri, Feb 11, 2005 at 08:54:17AM +0100, Ingo Molnar wrote:
>
> * Matt Mackall <mpm@selenic.com> wrote:
>
> > Eh? Chris Wright's original rlimits patch was very straightforward
> > [...]
>
> the problem is that it didn't solve the problem (unprivileged user can
> lock up the system) in any way.

There are two separate but related problems:

a) need a way to give non-root access to SCHED_FIFO without other
   privileges
b) would like a way to have RT-like capabilities without risk of DoS

The original rlimits patch solves (a), which is the pressing concern.
The existence of a satisfactory solution to related problem (b) has
yet to be demonstrated. And even if a solution for (b) is found that
is satisfactory for, say, high end audio users, it may not necessarily
be sufficient for everyone who might have wanted SCHED_FIFO for
non-root processes. So we still need a solution for (a).

> So after it became visible that all the
> existing 'don't allow users to lock up' solutions are too invasive, we
> went to recommend the solution that introduces the least architectural
> problems: RT-LSM.

RT-LSM introduces architectural problems in the form of bogus API. And
I claim that if RT-LSM becomes part of the mainline kernel, it -will-
become a default feature on the desktop in short order. The fact that
it's implemented as an LSM is meaningless if Redhat and SuSE ship it
on by default.

So the comparison boils down to putting a magic gid in a sysfs
file/module parameter or setting an rlimit with standard tools (PAM,
etc). I'm really boggled that anyone could prefer the former,
especially since we had almost this exact debate over what became the
mlock rlimit!

Here's Chris' patch for reference:

http://groups-beta.google.com/group/linux.kernel/msg/6408569e13ed6e80

--
Mathematics is the supreme nostalgia of our time.
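
An added example, not part of the original message and not code from Chris Wright's patch: a small audit helper for the rlimit approach argued for above, assuming the RLIMIT_RTPRIO resource limit found in current Linux kernels. The function names are hypothetical, and `geteuid() == 0` stands in for a CAP_SYS_NICE check.

```c
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Soft RLIMIT_RTPRIO of the caller; 0 means no real-time access. */
rlim_t soft_rtprio_limit(void)
{
    struct rlimit rl;
    return getrlimit(RLIMIT_RTPRIO, &rl) == 0 ? rl.rlim_cur : 0;
}

/* Model of the rule documented in sched(7) for a task currently under a
 * non-real-time policy that asks for SCHED_FIFO at priority `prio`. */
int rt_request_allowed(int prio, rlim_t soft_limit, int privileged)
{
    if (prio < 1 || prio > 99)      /* Linux SCHED_FIFO priority range */
        return 0;
    if (privileged)                 /* CAP_SYS_NICE bypasses the rlimit */
        return 1;
    return soft_limit != 0 && (rlim_t)prio <= soft_limit;
}

/* Ask the kernel from a child that exits at once, so nothing keeps
 * running at real-time priority. Returns 0 or the errno value. */
int try_fifo(int prio)
{
    pid_t pid = fork();
    if (pid < 0)
        return errno;
    if (pid == 0) {
        struct sched_param sp = { .sched_priority = prio };
        _exit(sched_setscheduler(0, SCHED_FIFO, &sp) == 0 ? 0 : errno);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return errno;
    return WIFEXITED(status) ? WEXITSTATUS(status) : EINTR;
}

int main(void)
{
    for (int prio = 1; prio <= 99; prio += 49)   /* 1, 50, 99 */
        printf("prio %2d: model=%d kernel_errno=%d\n", prio,
               rt_request_allowed(prio, soft_rtprio_limit(), geteuid() == 0),
               try_fifo(prio));
    return 0;
}
```

Run under the account being audited, a `kernel_errno` of 0 for any priority means that account can obtain SCHED_FIFO and is therefore exposed to the lock-up risk raised as problem (b).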