Re: [linux-audio-dev] new realtime scheduling policy


Subject: Re: [linux-audio-dev] new realtime scheduling policy
From: rm (async_AT_cc.gatech.edu)
Date: Wed Mar 19 2003 - 17:19:20 EET


On Wed, Mar 19, 2003 at 09:24:39AM -0500, Paul Davis wrote:
> [...]
> in addition, if you add resource limits so that things can still be
> killed, having user tasks running like this actually isn't much of a
> problem - SCHED_FIFO and mlockall only represent a denial of service
> attack if you can't kill them (as is the case at the moment).

the second case you note is that a malicious user can use mlock and
sched_fifo where they couldn't before. all things being equal, this
shouldn't be any additional risk since there are limits.

but i think of it in terms of a sort of occam's razor of security: the
added privilege of the user accounts now requires new conditions to
remain as secure as before. namely, that there be limits lower than
the maximum. this is easy for the distro to ensure, but it adds one
more path that may not be otherwise there to exploit. if there are two
ways of doing essentially equivalent tasks, you've increased your
likelihood of having a security bug overall without necessity.

i know you can (and i can) argue that this will enhance security in
certain ways (no need to gain root perms when only mlock/sched_fifo
are necessary... i.e. principle of least privilege). but my feeling is that
you can't start adding random stuff into the kernel (which can already
be done) because it would make one niche group or another's life
easier. (lots of little arguments to be had there).

but when it gets down to it, what i think is irrelevant, so you don't
need to convince me one way or another. i'd make the patch because
it simplifies my life as a user, but i won't try very hard to convince
anyone else that it should go into the kernel.

                rob

P.S. gawsh i'm longwinded.

----
Robert Melby
Georgia Institute of Technology, Atlanta Georgia, 30332
uucp:     ...!{decvax,hplabs,ncar,purdue,rutgers}!gatech!prism!gt4255a
Internet: async_AT_cc.gatech.edu
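The condition the message turns on is that the resource limits sit below the maximum, so that an unprivileged SCHED_FIFO or mlockall request is refused rather than granted. The program below is an added example, not code from this thread or from any patch discussed in it: it lowers its own limits the way a login manager or distro would, then probes what the kernel still grants. It assumes Linux with RLIMIT_RTPRIO (which the kernel later gained for exactly this purpose) and RLIMIT_MEMLOCK; the priority 50, the 64 KiB memlock cap and the function names are constructed for the example.

```c
/* Added example (not from the original thread): lower this process's
 * realtime and memlock limits, then check whether SCHED_FIFO and mlockall
 * are still granted. Assumes Linux with RLIMIT_RTPRIO and RLIMIT_MEMLOCK;
 * the limit values in main() are constructed. */
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>

struct rt_probe {
    int fifo_errno;   /* 0 if SCHED_FIFO was granted, else errno (EPERM = refused) */
    int mlock_errno;  /* 0 if mlockall succeeded, else errno (ENOMEM = over RLIMIT_MEMLOCK) */
};

/* Cap both the soft and hard limits. Lowering never needs privilege, so this
 * is what a session manager can do before handing control to the user. */
int apply_rt_limits(rlim_t max_rtprio, rlim_t max_memlock_bytes)
{
    struct rlimit rt = { max_rtprio, max_rtprio };
    struct rlimit ml = { max_memlock_bytes, max_memlock_bytes };
    if (setrlimit(RLIMIT_RTPRIO, &rt) != 0)
        return -1;
    if (setrlimit(RLIMIT_MEMLOCK, &ml) != 0)
        return -1;
    return 0;
}

/* Request the two privileges the thread discusses and record the kernel's
 * answer. Each is undone at once so the probe itself hogs neither CPU nor RAM.
 * A process holding CAP_SYS_NICE / CAP_IPC_LOCK (root) bypasses the limits. */
void probe_rt(int want_prio, struct rt_probe *out)
{
    struct sched_param sp = { .sched_priority = want_prio };
    struct sched_param normal = { .sched_priority = 0 };

    errno = 0;
    if (sched_setscheduler(0, SCHED_FIFO, &sp) == 0) {
        out->fifo_errno = 0;
        sched_setscheduler(0, SCHED_OTHER, &normal);  /* drop back to normal */
    } else {
        out->fifo_errno = errno;
    }

    errno = 0;
    if (mlockall(MCL_CURRENT) == 0) {
        out->mlock_errno = 0;
        munlockall();
    } else {
        out->mlock_errno = errno;
    }
}

static const char *describe(int err, int limit_errno)
{
    if (err == 0)
        return "granted";
    if (err == limit_errno)
        return "refused (resource limit or missing capability)";
    return strerror(err);
}

int main(void)
{
    struct rt_probe before, after;

    probe_rt(50, &before);
    printf("before limits: SCHED_FIFO %s, mlockall %s\n",
           describe(before.fifo_errno, EPERM), describe(before.mlock_errno, ENOMEM));

    /* Constructed policy: no realtime priority at all, lock at most 64 KiB. */
    if (apply_rt_limits(0, 64 * 1024) != 0) {
        perror("setrlimit");
        return 1;
    }
    probe_rt(50, &after);
    printf("after limits:  SCHED_FIFO %s, mlockall %s\n",
           describe(after.fifo_errno, EPERM), describe(after.mlock_errno, ENOMEM));
    return 0;
}
```

Run as an ordinary user, the second line shows both requests refused once the limits are in place; run as root (or with CAP_SYS_NICE and CAP_IPC_LOCK) both stay granted, which is the point of the message: the limits, not the user/root split, are what bound the privilege, so a distro that ships a limit equal to the maximum has bounded nothing.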



This archive was generated by hypermail 2b28 : Wed Mar 19 2003 - 17:16:50 EET