Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 12 Apr 2008 13:51:34 -0400
From:      Joe Marcus Clarke <marcus@marcuscom.com>
To:        Coleman Kane <cokane@freebsd.org>
Cc:        gnome@freebsd.org, imp@freebsd.org
Subject:   Re: Seahorse issues
Message-ID:  <1208022694.82222.25.camel@shumai.marcuscom.com>
In-Reply-To: <1208021918.82222.18.camel@shumai.marcuscom.com>
References:  <47FD09AC.2020907@FreeBSD.org> <1207776230.61729.28.camel@shumai.marcuscom.com> <47FD34E8.2000005@FreeBSD.org> <1207872846.87478.38.camel@shumai.marcuscom.com> <47FF66E3.8000304@FreeBSD.org>  <47FF722B.109@FreeBSD.org> <1207929297.55415.13.camel@shumai.marcuscom.com> <1208018626.10093.7.camel@localhost> <1208021918.82222.18.camel@shumai.marcuscom.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--=-y+FB/Q/2xvNEYZhccUm6
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Sat, 2008-04-12 at 13:38 -0400, Joe Marcus Clarke wrote:
> On Sat, 2008-04-12 at 12:43 -0400, Coleman Kane wrote:
> >=20
> > As for the mlock() privilege issue, I am not sure what we'll do about
> > that. It would be nice, at some point, to support that feature for
> > normal users. As long as I'm diligent about my swap-space, etc... and
> > access to my workstation, I'm *pretty* secure. Things like common-use
> > lab computers, etc... are probably more appropriate for this feature.
>=20
> Since we already have an rlimit for locked memory (RLIMIT_MEMLOCK), and
> it is used by the mlock(2) syscall, what about the attached patch to add
> a sysctl to control user access to mlock (but not allowing mlockall(2))?
> This has been tested to fix the gnome-keyring issue when the sysctl is
> set to 1.  If this is agreeable, I can add some manpage docs as well.

Minor modification to allow munlock(2) as well as mlock(2).

http://www.marcuscom.com/downloads/vm_mmap.c.diff

Joe

--=20
PGP Key : http://www.marcuscom.com/pgp.asc

--=-y+FB/Q/2xvNEYZhccUm6
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (FreeBSD)

iEYEABECAAYFAkgA9qYACgkQb2iPiv4Uz4fb2ACfVZuAUSqVXncBhB5XmLwmAchU
K9IAni5cXczgoNIGiOthqB17bkbgWdxS
=A9mY
-----END PGP SIGNATURE-----

--=-y+FB/Q/2xvNEYZhccUm6--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1208022694.82222.25.camel>