The suid root is well in place here. What cripples is that the max
size for the to phys locked memory segment which does not allow for
more then 512 MByte.
> Couldn't there be a kernel option (maybe tunable by /proc/something)
> through wich the kernel could grant a limited amount of mlock-able
> memory for each non-root process? This could default to 0 but be
> increased when sensitive software is being used.
Implementing something like SIGDANGER (available under AIX 4.x for
example) is much nicer. I.e. reserve a signal for processes becoming
a thread for the total available virtual memory pool. This to suite
any virtual memory exhaustion.
-- Wim ten Have.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/