On Thu, Oct 24, 2002 at 02:13:01PM +0200, Frank Cornelis wrote:
> This way a parent process is able to temporary drop some of its
> limits in order to make a restricted child process and restore
> its resource limits afterwards. Currenly it is not possible to
> make a child process with smaller resource limits than the parent
> process without the parent process losing its (hard) max limits
> (As far as I know, correct me if I'm wrong).
Hmm, this statement suggests the author misunderstands the Unix-based
conventional use of the separated fork/exec calls. After the fork
call, the child process is still running code common to the parent,
but typically (by convention) a different leg of an if-then-else
statement. This code in this leg can reduce resource limits before
make an exec call to start a new program. The parent's limits are
not affected. There's no need to change the kernel.
-- Randolph Bentson bentson@holmsjoen.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Oct 31 2002 - 22:00:23 EST