OOM-killer prevention for master kdeinit process
Oswald Buddenhagen
ossi at kde.org
Fri Aug 4 19:59:08 BST 2006
On Fri, Aug 04, 2006 at 03:11:37PM +0200, Lubos Lunak wrote:
> Any objections to commit?
>
yes. you are essentially creating a blank check for any application to
"escape" oom-killing, essentially subverting the idea of /proc/*/oom_adj
being writable only by root. that's like making 'kill' setuid root (well,
make it 'nice' and it fits). i guess that's also the reason why debian
doesn't like utempter: it gives too much power away.
the next idea would be letting the actual kdeinit spawn the empowered
helper and drop setuid, but that doesn't work, either, as the
de-priviledged kdeinit would be exposed to memory image attacks by the
user.
ergo, this idea doesn't work by design, unless i'm missing something.
does somebody say setuid root KApplication? ;)
--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.
More information about the kde-core-devel
mailing list