Subject: Re: userid partitioned swap spaces.
To: None <tech-kern@netbsd.org>
From: Michael Cerrato <mec@cise.ufl.edu>
List: tech-kern
Date: 12/15/1998 17:23:07
+---------- woods@most.weird.com (Greg A. Woods) writes:
|
| I don't think it should be necessary to protect the catching of a signal
| such as this.  If you really need to allow users to compile and run
| their own programs then you need to give them a bit of rope and trust
| them with it somewhat.  For example, I get the impression that most
| institutions of learning give students their own workstation to fool
| around on in this way, in which case the servers can be protected by
| mounting all partitions where students have write permission with the
| noexec flag.

At the University of Florida Computer Science department, students
don't have their own workstations to fool around with.  (Unless
they've installed NetBSD or Linux on their personal machines.)
The operating systems classes regularly take out our public
compute servers with fork bombs and runaway processes.  We've
partially solved this by drastically reducing the per-user
process limit (this is SPARC Solaris, BTW), and we try to get
the students educated to the wonders of ps and kill.  The signal
thing would be great for solving that problem--none of them
would know how to catch it, and if they did, they presumably
would know better than to do that.

Michael Cerrato
mec@cise.ufl.edu