mlock(2) for ordinary users



Currently mlock() and munlock() are restricted to the root user -
which prevents an ordinary user locking their process into RAM to the
detriment of the system as a whole. Whilst this is a valid concern,
there are good security reasons for allowing a user to lock small
amounts of memory (a few pages) to ensure that sensitive information
(private keys, passwords etc.) doesn't wind up on swap devices.

There is a resource limit for locked pages (RLIMIT_MEMLOCK) and,
despite the man page, a quick look at the code implies that it really
is honoured. Could someone with more VM-foo please confirm whether
the last line of the man page is still correct?

I would like to suggest that the suser() tests in mlock() and
munlock() be removed and the default RLIMIT_MEMLOCK is reduced from
infinity to (say) 1. The only gotcha I can see is that lots of
sysctl() functions use RLIMIT_MEMLOCK via sysctl_wire_old_buffer()
and vslock().

Comments please.
--
Peter Jeremy
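As an added illustration (my own code, not part of Peter Jeremy's post or FreeBSD), here is what an unprivileged process would do under the small-allowance model proposed above: lock a single page for a key, treat an RLIMIT_MEMLOCK refusal (ENOMEM, or EPERM where only root may still lock) as a hard error, and wipe the page before unlocking it. Function names are mine and the key bytes are a constructed placeholder.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* mlock() accounts in whole pages; this is what RLIMIT_MEMLOCK really charges. */
size_t pages_needed(size_t nbytes, size_t pagesize) {
    return (nbytes + pagesize - 1) / pagesize;
}
/* Overwrite a buffer in a way the compiler cannot optimise away. */
void wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}
/* Pin a page-aligned secret buffer in RAM. Returns 0 or the errno from mlock():
 * ENOMEM when RLIMIT_MEMLOCK is exhausted, EPERM where only root may lock. */
int alloc_locked(void **out, size_t nbytes) {
    size_t ps = (size_t)sysconf(_SC_PAGESIZE);
    size_t len = pages_needed(nbytes, ps) * ps;
    void *p = NULL;
    int rc = posix_memalign(&p, ps, len);
    if (rc != 0) return rc;
    if (mlock(p, len) != 0) { rc = errno; free(p); return rc; }
    *out = p;
    return 0;
}
/* Wipe before unlocking so the pages never hold a secret while swappable. */
void free_locked(void *p, size_t nbytes) {
    size_t ps = (size_t)sysconf(_SC_PAGESIZE);
    size_t len = pages_needed(nbytes, ps) * ps;
    wipe(p, len);
    munlock(p, len);
    free(p);
}

int main(void) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_MEMLOCK, &rl) == 0)
        printf("RLIMIT_MEMLOCK soft limit: %llu bytes\n", (unsigned long long)rl.rlim_cur);
    void *key = NULL;
    int rc = alloc_locked(&key, 32); /* a 32-byte key costs one locked page */
    if (rc != 0) { fprintf(stderr, "mlock: %s\n", strerror(rc)); return 1; }
    memcpy(key, "constructed sample key material!", 32); /* constructed placeholder */
    free_locked(key, 32);
    return 0;
}
```

With RLIMIT_MEMLOCK set to one page, a second call to alloc_locked() in the same process is exactly the case that should fail with ENOMEM.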



