[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: artswrapper defanged
From: Andreas Pour <pour () mieterra ! com>
Date: 2002-07-19 19:49:27
[Download RAW message or body]
Roger Larsson wrote:
> > The _combination_ of these two purposes leads to a straightforward "local
> > denial of service attack": you let artsd compute lots of things. Since artsd
> > monitors its own CPU usage, you can only safely take away 90% of the CPU
> usage
> > a system has. Solution: start another artsd. Then you can take away 100% of
> > the CPU usage a system has. So a non root user can produce a system hang in
> > tiny shell script (will not post it here).
> >
>
> A simple check in artswrapper can handle this.
> Let it start only one artsd with RT priority!
> With a semaphore?
I don't think this can work, since if I understand correctly arts loads
other modules and/or starts other program and these can fork.
> Another solution is to have another program - possibly a spawned artswrapper
> to run at a priority higher than the artsd. It can then manage the artsd
> processes by killing / remove RT priority of artsd processes.
I have suggested this a few times, but apparently there is a flaw with
this paradigm, though it has not been explained to me in a way I
understand.
> It might also be necessary to monitor the amount of memory artsd processes
> might use - since it should be locked from swapping.
How do you know you are swapping? And why is swapping a particular
problem?
Ciao,
Dre
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic