artswrapper defanged

[Andreas Pour]

Roger Larsson wrote:

> > The _combination_ of these two purposes leads to a straightforward "local
> > denial of service attack": you let artsd compute lots of things. Since artsd
> > monitors its own CPU usage, you can only safely take away 90% of the CPU 
> usage
> > a system has. Solution: start another artsd. Then you can take away 100% of
> > the CPU usage a system has. So a non root user can produce a system hang in
> > tiny shell script (will not post it here).
> > 
> 
> A simple check in artswrapper can handle this.
> Let it start only one artsd with RT priority!
>  With a semaphore?

I don't think this can work, since if I understand correctly arts loads
other modules and/or starts other program and these can fork.

> Another solution is to have another program - possibly a spawned artswrapper 
> to run at a priority higher than the artsd. It can then manage the artsd 
> processes by killing / remove RT priority of artsd processes.

I have suggested this a few times, but apparently there is a flaw with
this paradigm, though it has not been explained to me in a way I
understand.
 
> It might also be necessary to monitor the amount of memory artsd processes 
> might use - since it should be locked from swapping.

How do you know you are swapping?  And why is swapping a particular
problem?

Ciao,

Dre