Valdis.Kletnieksat_private wrote: >On Mon, 07 Oct 2002 11:05:36 PDT, Seth Arnold <sarnoldat_private> said: > > >>prevent cache thrashing; I don't see a point to mediating cpu affinity >>in an access control module. (Well, aside from covert timing channels, >> >> >Umm.. taking a shot in the dark here, but to make sure that one user can't >cause a DoS against some production workload that needs affinity? It >would suck if your payroll system ran on a box that had 4 CPUs, and needed >to set affinity to 3 of them - and Fred J Nasty has already started 2 >processes with affinity... > > Anticipating predictable rebuttal :) aside from processor affinity, have we also closed all of the other trivial ways that a local user/process can DoS a machine into the ground by consuming gobs of resources? Fork bombing, consuming as much memory as possible, thrashing all levels of cache and disk, flooding network connections, etc. I'm not convinced that we even come close to preventing local DoS. But I could be wrong. Convince me, as I'm much more patient than the LKML crowd with this kind of thing :) and these are the kinds of questions they will ask. Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX http://wirex.com/~crispin/ Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html
This archive was generated by hypermail 2b30 : Mon Oct 07 2002 - 12:42:29 PDT