on 28/08/2012 21:07 Bryan Drewery said the following: > On 8/28/2012 11:37 AM, Andrey Zonov wrote: >> Hi, >> >> We've got RLIMIT_MEMLOCK for years, but this limit is useless, because >> only root may call mlock(2), and root may raise any limits. >> >> I suggest patch that allows to call mlock(2) for unprivileged users. >> Are there any objections to got it in tree? >> > > FYI, see previous recent thread on this here: > > http://lists.freebsd.org/pipermail/freebsd-arch/2012-May/012552.html > and > http://lists.freebsd.org/pipermail/freebsd-arch/2012-June/012606.html
Yes, Andrey, I highly suggest that you read those threads completely. Here are some observations. It doesn't look like mlockall and mlockall(MCL_FUTURE) in particular properly honor RLIMIT_MEMLOCK. If this is not fixed, then it would be premature to enable the privilege for non-privileged users. I am against adding the sysctl knob. If RLIMIT_MEMLOCK limit is properly implemented then it is sufficient to effectively deny the privilege (and with much finer granularity). When the privilege is allowed to ordinary users, then memorylocked in the default login.conf would need to be set to something much lower than the current 'unlimited' :-) Also, note that currently RLIMIT_MEMLOCK is abused at least in vslock() (used at least by sysctl's kernel side). The temporary wirings performed as an implementation detail or side-effect should not be accounted against the limit. The limit is for wirings that a user makes and controls explicitly. It should not be applied to something that kernel does behind the scenes without user's knowledge. -- Andriy Gapon _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
