Re: your mail
From: Chris Wright (chrisw_at_osdl.org)
Date: 05/25/04
- Previous message: Ryan Tokarek: "Problem: network drops; ethernet driver problem? (IRQ 11 disabled)"
- In reply to: Laughlin, Joseph V: "(no subject)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 24 May 2004 15:33:59 -0700 To: "Laughlin, Joseph V" <Joseph.V.Laughlin@boeing.com>
* Laughlin, Joseph V (Joseph.V.Laughlin@boeing.com) wrote:
> I've been tasked with modifying a 2.4 kernel so that a non-root user can
> do the following:
>
> Dynamically change the priorities of processes (up and down)
Requires CAP_SYS_NICE.
> Lock processes in memory
Currently requires CAP_IPC_LOCK. However, this one is already been
done using rlimits (at least via mlock() and friends, SHM_LOCK has
different issue).
> Can change process cpu affinity
Requires CAP_SYS_NICE (but I believe this was a 2.6 feature).
> Anyone got any ideas about how I could start doing this? (I'm new to
> kernel development, btw.)
There's a few approaches floating about. Probably the simplest is to
disable the checks globally, but this will also be less secure. I have
an example of this in 2.6 if you'd like.
thanks,
-chris
-- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- Previous message: Ryan Tokarek: "Problem: network drops; ethernet driver problem? (IRQ 11 disabled)"
- In reply to: Laughlin, Joseph V: "(no subject)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
