[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: OOM-killer prevention for master kdeinit process
From:       Peter Rockai <me () mornfall ! net>
Date:       2006-08-09 20:16:57
Message-ID: 20060809201657.GA16401 () lorien ! mornfall ! net
[Download RAW message or body]

On Wed, Aug 09, 2006 at 08:44:49PM +0200, Oswald Buddenhagen wrote:
> fwiw, by committing this you accept that a regular user can escape
> oom-killing to a certain degree for arbitrary applications (all that are
> launched by kdeinit) - i'm not sure how big the impact of -5 is, but i
> can imagine that's not something you *really* want in a multi-user
> environment.

I'd say it's not that big deal, since if something is being OOM-killed, the
system has been completely unusable for a few minutes already (unless
something changed in linux kernel since i last encountered an OOM kill). It's
probably useless as a DoS attack vector (if you can DoS the system, you could
do so already even without the oom-prevention privilege). I can't think of any
other way than DoS to exploit the privilege. Can you?

(In a multiuser system you probably want to have ulimits and enough swap to
avoid things like users triggering oom anyway -- being able to trigger oom
alone is probably enough to do nasty things to the system).

Yours, Peter.

-- 
Peter Rockai | me()mornfall!net | prockai()redhat!com | +421907533216 
   http://blog.mornfall.net | http://web.mornfall.net

"In My Egotistical Opinion, most people's C programs should be
 indented six feet downward and covered with dirt."
     -- Blair P. Houghton on the subject of C program indentation
[prev in list] [next in list] [prev in thread] [next in thread]