Re: [patch] mlock-as-nonroot revisted

From: Andrea Arcangeli (andrea_at_suse.de)
Date: 08/03/04

Next message: Arjan van de Ven: "Re: [patch] mlock-as-nonroot revisted"

Previous message: Jon Smirl: "Re: [PATCH] add PCI ROMs to sysfs"
In reply to: Rik van Riel: "Re: [patch] mlock-as-nonroot revisted"
Next in thread: Arjan van de Ven: "Re: [patch] mlock-as-nonroot revisted"
Reply: Arjan van de Ven: "Re: [patch] mlock-as-nonroot revisted"
Reply: Rik van Riel: "Re: [patch] mlock-as-nonroot revisted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date:	Tue, 3 Aug 2004 23:22:31 +0200
To: Rik van Riel <riel@redhat.com>

On Tue, Aug 03, 2004 at 05:13:56PM -0400, Rik van Riel wrote:
> On Tue, 3 Aug 2004, Andrea Arcangeli wrote:
>
> > > - if (shmflg & SHM_HUGETLB)
> > > + if (shmflg & SHM_HUGETLB) {
> > > + /* hugetlb_zero_setup takes care of mlock user accounting */
> > > file = hugetlb_zero_setup(size);
> > > + shp->mlock_user = current->user;
> > > + } else {
>
> > where do you change mlock_user in chown?
>
> You don't. Normal users aren't allowed to chown each
> other's files, nor are they allowed to "give away" one
> of their files to somebody else.
>
> On unlock the quota gets deducted from the user who
> created the hugetlbfs file.
>
> This means there shouldn't be security issues with this
> approach. Let me know if I've overlooked one.

I agree there aren't security issues, but it's still very wrong to
charge the old user if the admin gives the locked ram to a new user.
This erratic behaviour shows how much the rlimit approch is flawed for
named fs objects that have nothing to do with the transient task that
created them.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Arjan van de Ven: "Re: [patch] mlock-as-nonroot revisted"

Previous message: Jon Smirl: "Re: [PATCH] add PCI ROMs to sysfs"
In reply to: Rik van Riel: "Re: [patch] mlock-as-nonroot revisted"
Next in thread: Arjan van de Ven: "Re: [patch] mlock-as-nonroot revisted"
Reply: Arjan van de Ven: "Re: [patch] mlock-as-nonroot revisted"
Reply: Rik van Riel: "Re: [patch] mlock-as-nonroot revisted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: SATA support merge in 2.4.27
... > A stable kernel is a kernel in which a new release does not induce 20 rejects ... > confidently upgrade to fix a security issue without worrying that everything ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)
Re: Interrupt lost { .... }
... > CHS current addressable sectors: ... > not expired: security count ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)
Re: Elastic Quota File System (EQFS)
... undeleting. ... rm becomes a set EQFS bit. ... you either have a quota or you don't; ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)
Re: 1352 NUL bytes at the end of a page? (was Re: Assertion `s && s->tree failed: The sag
... >> elsewhere, we are writing to a tmp file, the tmp file is NOT mmapped. ... You've described it correctly for reiserfs though, we unlock the page ... I don't see how you can trigger this on ext3 without truncate jumping ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)
Re: 2.6.12-rc1-bk does not boot x86_64
... Only works to initialise the lock as unlocked on platforms whose unlock ... int proto_register ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)