On Mon, 22.06.09 23:46, Jörn Nettingsmeier (nettings(a)folkwang-hochschule.de) wrote:
> > What is so
> > difficult to understand that rtkit is not intended to be a
> > solution for hardcore rt users?
> > rtkit is not for you!
> > Let me repeat this:
> > RTKIT IS NOT FOR YOU!
>
> this is getting childish. my claim is: if you give rt to a user, you
> enable him to fuck the machine up. that's a law of nature. you can do
> all kinds of very clever things and try to have a very fast watchdog,
> but it doesn't prevent abuse.

That is simply bogus.

With the reset-on-fork kernel patch in place you can perfectly
supervise an RT process and it cannot evade you. If the system becomes
unresponsive (which is all that we try to detect), then we can
demote/kill everyone who's misbehaving.

The worst thing that can happen is that we demote more processes than
necessary. But so what? As long as the evildoer's process is
demoted/killed you have a usable system again.

Also, stuff such as RLIMIT_RTTIME (which we specifically check to be
set in clients in rtkit) should make sure that the process cannot even
misuse RT in the first place.

Really, all this has been answered before. You can run around in
circles if you like to, but this is where I get off.

Lennart
--
Lennart Poettering Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/ GnuPG 0x1A015CC4
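
Added example, not part of the original message and not rtkit's code: a C sketch of the two kernel mechanisms the reply relies on, RLIMIT_RTTIME and reset-on-fork (exposed in mainline Linux as the SCHED_RESET_ON_FORK flag). The helper names and the 100 ms / 200 ms limits are constructed for illustration, and the check inspects the calling process only.

```c
#define _GNU_SOURCE
#include <sched.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef SCHED_RESET_ON_FORK
#define SCHED_RESET_ON_FORK 0x40000000 /* Linux ABI value, if headers hide it */
#endif

/* Cap the CPU time (in microseconds) the process may consume under an RT
 * policy without blocking: SIGXCPU at the soft limit, SIGKILL at the hard. */
int cap_rttime(rlim_t soft_usec, rlim_t hard_usec) {
    struct rlimit rl = { .rlim_cur = soft_usec, .rlim_max = hard_usec };
    return setrlimit(RLIMIT_RTTIME, &rl);
}

/* Policy check (hypothetical helper): hard limit is finite and <= max_usec. */
int rttime_is_capped(rlim_t max_usec) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_RTTIME, &rl) != 0) return 0;
    return rl.rlim_max != RLIM_INFINITY && rl.rlim_max <= max_usec;
}

/* Take SCHED_FIFO with reset-on-fork, fork, and return the child's policy.
 * Returns -1 if the kernel refuses RT (e.g. EPERM without CAP_SYS_NICE). */
int child_policy_after_rt_fork(int prio) {
    struct sched_param sp = { .sched_priority = prio };
    if (sched_setscheduler(0, SCHED_FIFO | SCHED_RESET_ON_FORK, &sp) != 0)
        return -1;
    pid_t pid = fork();
    if (pid == 0) /* child: report its own policy through the exit status */
        _exit(sched_getscheduler(0) & ~SCHED_RESET_ON_FORK);
    int status = 0, policy = -1;
    if (pid > 0 && waitpid(pid, &status, 0) == pid && WIFEXITED(status))
        policy = WEXITSTATUS(status);
    sp.sched_priority = 0; /* drop back to the normal policy */
    sched_setscheduler(0, SCHED_OTHER, &sp);
    return policy;
}

int main(void) {
    if (cap_rttime(100000, 200000) != 0) { perror("setrlimit"); return 1; }
    printf("RLIMIT_RTTIME capped: %d\n", rttime_is_capped(200000));
    printf("child policy: %d (SCHED_OTHER=%d, -1=RT refused)\n",
           child_policy_after_rt_fork(1), SCHED_OTHER);
    return 0;
}
```

When the RT request is granted, the forked child reports SCHED_OTHER: a task that holds RT with this flag cannot hand its RT policy to children created by fork.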