Re: [patch] mlock-as-nonroot revisted

From: Rik van Riel
Date: Thu Jul 29 2004 - 19:52:41 EST


On Thu, 29 Jul 2004, Andrea Arcangeli wrote:

> So as described some month ago such patch is insecure and conceptually
> flawed since they're using rlimits to control persistent objects that
> have absolutely nothing to do with the task itself, which in turns make
> the rlimit useless.

Which is why shared memory segments are accounted against
the USER, instead of against the TASK.

Your criticism from a few months ago was noted and the
patch got fixed. If you want to criticise the new code,
please read it first, especially the changes to shmem.c ;)

--
"Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are,
by definition, not smart enough to debug it." - Brian W. Kernighan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/