Re: [RFD] 'nice' attribute for executable files

[Horst von Brand]

Wiktor <victorjan@xxxxxxxxxxxxxx> said:
> Horst von Brand wrote:
> > Even better: Write a C wrapper for each affected program that just renices
> > it as needed.

> I suggest to implement scalable solution, so the final user wont't have 
> to write separate wrapper for *each* program.

Final user doesn't. It is a job for whoever writes the program, or packages
it for a distro. If even required.

>                                               universal wrapper is 
> better solution, but (now i know, that implementing something that can 
> be dangerous if used incorrectly is so evil, that only the devil could 
> have proposed it) it forces use of database (that normally would be kept 
> in filesystem's file metadata) and if some-malicious-person would have 
> accessed it in write mode (as result of wrong file permissions), the 
> system performerance would be in danger. in my solution, there is 
> per-file attribute, accessible only for root, and if hacker has root 
> permissions, existence of nice attribute is meaningless.

Anything like this that can be accessed by plain users (not root) is
inherently dangerous. It is for a reason that only root can increase the
priority of a process. If you allow reniceing and place some kind of limit
on it, even Aunt Tillie will run her programs with priority maxed out, and
we are back were we are today.
-- 
Dr. Horst H. von Brand                   User #22616 counter.li.org
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/