Date: Wed, 29 Apr 1998 12:53:38 -0700 (PDT) From: patl@phoenix.volant.org To: Karl Denninger <karl@mcs.net> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: sysctl for SIGDANGER Message-ID: <ML-3.3.893879618.3181.patl@asimov> In-Reply-To: <19980429073826.29484@mcs.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Simple. sysctl variable for whether or not a user process can set > SIG_HOLD. Better yet, instead of a simple boolean, make the sysctl variable a uid. Any uid less than or equal to that value is allowed to get the SIG_HOLD semantic. This gives the obvious degenerate cases for 'root only' and 'anyone'; but also allows the non-root userids that many of us prefer for critical daemons to be distinguished from 'real' users. I also think that the value should be checked when the system is looking for candidates to kill rather than actually preventing the user process from setting SIG_HOLD. That effectively gives us a fourth bucket to hold user processes that don't want to die; but will still be killed before SIG_HOLD system processes. And, more importantly, it has the expected behavour if the sys admin changes the sysctl variable after user processes have been started. In fact, it could be taken one step further. When the system is actually choosing processes to send a SIGKILL, it could give preference to those with uids above the cutoff point. So now we have six buckets. With the kill order being: user processes with no danger handler, system processes with no danger handler, user processes with a danger handler, system processes with a danger handler, user processes with SIG_HOLD set, system processes with SIG_HOLD set. -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ML-3.3.893879618.3181.patl>