From owner-freebsd-current Tue Apr 13 5:23: 7 1999 Delivered-To: freebsd-current@freebsd.org Received: from kot.ne.mediaone.net (kot.ne.mediaone.net [24.218.12.203]) by hub.freebsd.org (Postfix) with ESMTP id B67C51561C for ; Tue, 13 Apr 1999 05:23:04 -0700 (PDT) (envelope-from mi@kot.ne.mediaone.net) Received: (from mi@localhost) by kot.ne.mediaone.net (8.9.1a/8.9.1) id IAA08601; Tue, 13 Apr 1999 08:20:20 -0400 (EDT) From: Mikhail Teterin Message-Id: <199904131220.IAA08601@kot.ne.mediaone.net> Subject: Re: DoS from local users (fwd) In-Reply-To: <19990413004728.C1968@holly.dyndns.org> from Chris Costello at "Apr 13, 1999 00:47:28 am" To: chris@calldei.com Date: Tue, 13 Apr 1999 08:20:19 -0400 (EDT) Cc: current@freebsd.org X-Face: %UW#n0|w>ydeGt/b@1-.UFP=K^~-:0f#O:D7w hJ5G_<5143Bb3kOIs9XpX+"V+~$adGP:J|SLieM31VIhqXeLBli" :Sun has a product for this, Solaris Resource Manager. = You don't need to tune user accounts, you need only put the =users in a separate login class (if that hasn't already been =done) and modify the resource limitation for that login =restriction. Speaking of which. Can we have the login class database distributed over NIS? => If one can't control one's users, one has no business managing => them. The last thing FreeBSD needs is some overly complex, => sophisticated scheduler designed to help bozo sysops stay on => their feet. = I agree with you very much here. Public shell systems are a =bad idea. In my opinion, you should trust someone before you =allow them to have an account on your system. Can we, perhaps, have a configurable maximum load level for each class? The users of the class will not be allowed to start new processes if the current load is above that number? -mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message