Hi,
On Mon, Apr 11, 2005 at 02:07:47PM +0100, Mike Hearn wrote:
On Sun, 2005-04-10 at 19:42 -0500, Robert Shearman wrote:
You're forgetting the reason why we need the suid root binary - because allowing processes to set their priority as realtime (or otherwise very high) leaves the system open to a trvial DoS attack. Not only do the startup code paths need to be audited, but also the priority setting logic too.
Good point. But I don't think there's any way to avoid this: fundamentally anyone can write a Win32 app that requests realtime priority and then goes into an infinite loop. In order to emulate that faithfully Linux just has to budge.
Nope, that's just the main issue of what the CK kernel discussed: how to implement some sort of "realtime" priority *without* DoS capabilities. And the result was SCHED_ISO.
See http://bhhdoa.org.au/pipermail/ck/2004-October/001169.html for an overview.
But OTOH your point is still valid: even a SCHED_ISO wouldn't emulate this kind of realtime priority correctly, since it *can* be preempted, which would probably violate Win32 realtime prio properties.
Still, it's a very acceptable compromise, I'd say.
It's not like it's hard to DoS a desktop Linux box anyway. Just compile winetest on it ;) <duck>
Now that's true ;)
Andreas