Date: Fri, 18 May 2012 11:23:59 -0400 From: David Schultz <das@FreeBSD.ORG> To: Eitan Adler <lists@eitanadler.com> Cc: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no>, Adrian Chadd <adrian@FreeBSD.ORG>, d@delphij.net, freebsd-arch@FreeBSD.ORG Subject: Re: Allow small amount of memory be mlock()'ed by unprivileged process? Message-ID: <20120518152359.GA38257@zim.MIT.EDU> In-Reply-To: <CAF6rxgmDW21aPJ5Mp6Tbk1z02ivw4UPhSaNEX%2BWiu7O0v13skA@mail.gmail.com> References: <4FAC3EAB.6050303@delphij.net> <861umkurt8.fsf@ds4.des.no> <CAJ-VmokY%2Bpgcq999NHShbq-3rK3=oeWT2WY7NmTvVdXOHZJhdg@mail.gmail.com> <CAF6rxgmDW21aPJ5Mp6Tbk1z02ivw4UPhSaNEX%2BWiu7O0v13skA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 16, 2012, Eitan Adler wrote: > On 16 May 2012 18:32, Adrian Chadd <adrian@freebsd.org> wrote: > > .. what's to stop a fork() bomb from grabbing all pages? > > <quote>+ possibly limiting the number of pages per user, à la > maxprocperuid.</quote> Two other points about this: - Each process already requires a number of wired pages in the kernel, so adding a few more in userland shouldn't be a big deal. - There are plenty of ways for an unprivileged user to wedge the system if they really try. ISTR alc commenting on a similar proposal years ago; I think at the time we didn't have appropriate accounting limits or something.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120518152359.GA38257>