From: Bill Davidsen <davidsen@tmr.com>
To: "Diego Calleja García" <diegocg@teleline.es>
Cc: Rik van Riel <riel@redhat.com>,
andrea@suse.de, linux-kernel@vger.kernel.org
Subject: Re: 2.6.5-rc1-aa1
Date: Thu, 18 Mar 2004 19:34:29 -0500 [thread overview]
Message-ID: <405A4015.40108@tmr.com> (raw)
In-Reply-To: <20040318211532.293bb63c.diegocg@teleline.es>
Diego Calleja García wrote:
> El Thu, 18 Mar 2004 11:49:52 -0500 (EST) Rik van Riel <riel@redhat.com> escribió:
>
>
>>I suspect the security paranoid will like this patch too,
>>because it allows gnupg to mlock the memory it wants to
>>have locked.
>
>
> I think it's good for cd-burning too. Currently most of the distros set
> the suid bit for cdrecord (wich implies some security bugs). You can
> workaround that by changing the devide node's permissions and kill the suid bit:
> brw-rw---- 1 root burning 22, 0 2003-05-23 16:41 /dev/cd-rw
>
> but still cdrecord will cry:
> cdrecord: Operation not permitted. WARNING: Cannot do mlockall(2).
> cdrecord: WARNING: This causes a high risk for buffer underruns.
>
> With that patch desktop users will be able to burn cds without falling into
> buffer underruns and without using the suid hack, I guess? Nice work :)
Have a bit of caution there, cdrecord sets itself realtime priority,
locks pages in memory, and ensures that the process is likely to work
even under load. I don't think addressing just a part of the problem
will result in reliability under load. You would have to look at
capabilities to allow these things to be done, under load they may not
keep up depending on what's going on. Good to get a start, don't assume
all the issues are addressed.
--
-bill davidsen (davidsen@tmr.com)
"The secret to procrastination is to put things off until the
last possible moment - but no longer" -me
next prev parent reply other threads:[~2004-03-19 0:34 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-03-18 2:22 2.6.5-rc1-aa1 Andrea Arcangeli
2004-03-18 15:32 ` 2.6.5-rc1-aa1 Rik van Riel
2004-03-18 15:53 ` 2.6.5-rc1-aa1 Andrea Arcangeli
2004-03-18 16:42 ` 2.6.5-rc1-aa1 Andrea Arcangeli
2004-03-18 16:49 ` 2.6.5-rc1-aa1 Rik van Riel
2004-03-18 20:15 ` 2.6.5-rc1-aa1 Diego Calleja García
2004-03-19 0:34 ` Bill Davidsen [this message]
2004-03-19 1:51 ` 2.6.5-rc1-aa1 Diego Calleja García
2004-03-20 16:31 ` 2.6.5-rc1-aa1 Andrea Arcangeli
2004-03-20 16:36 ` 2.6.5-rc1-aa1 Marc-Christian Petersen
2004-03-18 20:41 ` 2.6.5-rc1-aa1 Hugh Dickins
2004-03-18 23:06 ` 2.6.5-rc1-aa1 Andrea Arcangeli
2004-03-18 23:29 ` 2.6.5-rc1-aa1 Andrea Arcangeli
2004-03-19 0:49 ` 2.6.5-rc1-aa1 Paul Mackerras
2004-03-20 13:35 ` 2.6.5-rc1-aa1 Rik van Riel
2004-03-20 14:25 ` 2.6.5-rc1-aa1 Andrea Arcangeli
2004-03-18 22:14 ` 2.6.5-rc1-aa1 Andrea Arcangeli
2004-03-18 22:37 ` 2.6.5-rc1-aa1 Hugh Dickins
2004-03-18 23:09 ` 2.6.5-rc1-aa1 Andrea Arcangeli
[not found] <Pine.GSO.4.58.0403181228360.24039@blue.engin.umich.edu>
2004-03-18 18:03 ` 2.6.5-rc1-aa1 Rik van Riel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=405A4015.40108@tmr.com \
--to=davidsen@tmr.com \
--cc=andrea@suse.de \
--cc=diegocg@teleline.es \
--cc=linux-kernel@vger.kernel.org \
--cc=riel@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox