OOM-killer prevention for master kdeinit process

Peter Rockai me at mornfall.net
Wed Aug 9 21:16:57 BST 2006


On Wed, Aug 09, 2006 at 08:44:49PM +0200, Oswald Buddenhagen wrote:
> fwiw, by committing this you accept that a regular user can escape
> oom-killing to a certain degree for arbitrary applications (all that are
> launched by kdeinit) - i'm not sure how big the impact of -5 is, but i
> can imagine that's not something you *really* want in a multi-user
> environment.

I'd say it's not that big deal, since if something is being OOM-killed, the
system has been completely unusable for a few minutes already (unless
something changed in linux kernel since i last encountered an OOM kill). It's
probably useless as a DoS attack vector (if you can DoS the system, you could
do so already even without the oom-prevention privilege). I can't think of any
other way than DoS to exploit the privilege. Can you?

(In a multiuser system you probably want to have ulimits and enough swap to
avoid things like users triggering oom anyway -- being able to trigger oom
alone is probably enough to do nasty things to the system).

Yours, Peter.

-- 
Peter Rockai | me()mornfall!net | prockai()redhat!com | +421907533216 
   http://blog.mornfall.net | http://web.mornfall.net

"In My Egotistical Opinion, most people's C programs should be
 indented six feet downward and covered with dirt."
     -- Blair P. Houghton on the subject of C program indentation




More information about the kde-core-devel mailing list