>
> Re: The CPU quotas...
>
> Max CPU time per process is already supported and has been for a long time.
> See man setrlimit, and note RLIMIT_CPU. This support is in the kernel,
> software support is also needed, and is forthcoming as a config file with
> the Shadow Password Suite.
Good. Half the job is already done. Someone should write a book on the
2.0 kernel, and explain all the sections, and have them indexed by usage,
in multiple volumes! :-) And have a appendix published for each new
upgrade patch. Heheh
>
> Max % cpu time would be a very useful thing to have, and in theory not
> too hard to do. sched.c would have to be modified however and performance
> might drop a little with the extra checks involved.
I really hope it will be done. I would not really mind a small
performance drop, and that is why it would be #ifdef'd and optional in a
make config option.
>
> Other ideas for 2.1:
>
> o Allow user setting of permissions of files within /proc. (I was working
> on this ages ago).
Umm, why? :-)
>
> o Better process accounting.
True.... very much needed.
> o System call auditing (for really security paranoid sites).
I guess you are a "really security paranoid site". :-> Then again, I could
think of a few calls I would want to log. Oh well...
> Chris.
>
Later...
-- Jeff Johnson GCS d- s: !a C+++ UA++(+++) P+ L+ trn@gate.net E---- W+++ N+++(+++++) K- w(+) O(-) KE4QWX M- V-(--) PS+ PE Y++ PGP+++(+++++) t- http://www.gate.net/~trn 5 X+++(+++++) R tv+ b++ DI-- D G++ e* !h r y? Nerdity Test = 66% Hacker Test = 45% 1024/3397E001 1995/06/10 5B 92 8B 34 84 E9 42 26 DC FB F7 C4 1E 0E 80 29