In <[EMAIL PROTECTED]>, [EMAIL PROTECTED] typed:
> An unprivileged user could waste all CPU time by setting a low delay value in
> top (interactive or via -s).
No, they can't. Should they use the interactive facility to set the
delay to 0 (you can't do that via the -s switch), then top will
compete evenly with normal users processes until it accumulates enough
CPU that the scheduler changes it's nice value. It then no longer
competes with normal user processes for CPU. At that point, the CPU
cyles it's "wasting" are mostly cycles that would have been "wasted"
in an idle loop anyway. Generally (but not always), there's no real
reason to care about such.
> Is there any possibility to deactivate this functionality without
> recompilation?
chmod 0 /usr/bin/top
> There are other top implementations that use a "secure mode" configuration
> which avoids the setting of the delay value for unprivileged users.
There are *lots* of commands on the system that can be coerced into
spinning on the CPU doing nothing, starting with /bin/sh. The correct
place to deal with this issue is in the kernel scheduler, so you can
do it once and for all.
That said, there may be a use case where you want a top display to be
available without the interactive commands being available, ala the
"secure mode" you mention. That can be provided with a little work,
depending on the exact goals.
<mike
--
Mike Meyer <[EMAIL PROTECTED]> http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
