real SetProcessClass and SetThreadPriority support
Andreas Mohr
andi at rhlx01.fht-esslingen.de
Mon Apr 11 08:16:18 CDT 2005
Hi,
On Mon, Apr 11, 2005 at 02:07:47PM +0100, Mike Hearn wrote:
> On Sun, 2005-04-10 at 19:42 -0500, Robert Shearman wrote:
> > You're forgetting the reason why we need the suid root binary -
> > because allowing processes to set their priority as realtime (or
> > otherwise very high) leaves the system open to a trvial DoS attack.
> > Not only do the startup code paths need to be audited, but also the
> > priority setting logic too.
>
> Good point. But I don't think there's any way to avoid this:
> fundamentally anyone can write a Win32 app that requests realtime
> priority and then goes into an infinite loop. In order to emulate that
> faithfully Linux just has to budge.
Nope, that's just the main issue of what the CK kernel discussed:
how to implement some sort of "realtime" priority *without* DoS capabilities.
And the result was SCHED_ISO.
See
http://bhhdoa.org.au/pipermail/ck/2004-October/001169.html
for an overview.
But OTOH your point is still valid: even a SCHED_ISO wouldn't emulate
this kind of realtime priority correctly, since it *can* be preempted,
which would probably violate Win32 realtime prio properties.
Still, it's a very acceptable compromise, I'd say.
> It's not like it's hard to DoS a desktop Linux box anyway. Just compile
> winetest on it ;) <duck>
Now that's true ;)
Andreas
More information about the wine-devel
mailing list