[ale] Swap Memory usage
Stephen Leonard
stephen at phynp6.phy-astr.gsu.edu
Tue Sep 23 09:47:03 EDT 2003
Chris Ricker <kaboom at gatech.edu> writes:
> On Sun, 21 Sep 2003, Stephen Leonard wrote:
>
> > I think the standard method is to use mlock(2) to keep pages
> > resident in memory. However, I didn't see any occurences of
> > it with a quick grep through openssh-3.7.1p1.
>
> It is the standard tool, but it's not used much b/c on many systems
> (including Linux), only root can mlock() for security reasons. Rather than
> having to make ssh-agent, the ssh client, etc., SUID, it's just not used in
> them....
I see. Well, fwiw, setrlimit(2) has RLIMIT_MEMLOCK. This may
be OS dependent, but i would imagine it would allow processes
to mlock() pages without a DoS to the system. But I understand
your point. I guess it mainly depends on the security policy
of the application in mind.
stephen
More information about the Ale
mailing list