Date: Fri, 21 Jul 2006 20:40:44 +1000
From: Peter Jeremy <peterjeremy@optushome.com.au>
To: freebsd-arch@freebsd.org
Subject: mlock(2) for ordinary users
Message-ID: <20060721104044.GB728@turion.vk2pj.dyndns.org>

Currently mlock() and munlock() are restricted to the root user - which prevents an ordinary user locking their process into RAM to the detriment of the system as a whole. Whilst this is a valid concern, there are good security reasons for allowing a user to lock small amounts of memory (a few pages) to ensure that sensitive information (private keys, passwords etc.) doesn't wind up on swap devices.

There is a resource limit for locked pages (RLIMIT_MEMLOCK) and, despite the man page, a quick look at the code implies that it really is honoured. Could someone with more VM-foo please confirm whether the last line of the man page is still correct.

I would like to suggest that the suser() tests in mlock() and munlock() be removed and the default RLIMIT_MEMLOCK is reduced from infinity to (say) 1. The only gotcha I can see is that lots of sysctl() functions use RLIMIT_MEMLOCK via sysctl_wire_old_buffer() and vslock().

Comments please.

-- 
Peter Jeremy