Allow small amount of memory be mlock()'ed by unprivileged
process?
David Schultz
das at FreeBSD.ORG
Fri May 18 15:24:24 UTC 2012
On Wed, May 16, 2012, Eitan Adler wrote:
> On 16 May 2012 18:32, Adrian Chadd <adrian at freebsd.org> wrote:
> > .. what's to stop a fork() bomb from grabbing all pages?
>
> <quote>+ possibly limiting the number of pages per user, à la
> maxprocperuid.</quote>
Two other points about this:
- Each process already requires a number of wired pages in the
kernel, so adding a few more in userland shouldn't be a big deal.
- There are plenty of ways for an unprivileged user to wedge the
system if they really try.
ISTR alc commenting on a similar proposal years ago; I think at the
time we didn't have appropriate accounting limits or something.
More information about the freebsd-arch
mailing list