Re: real SetProcessClass and SetThreadPriority support

2005-04-11 Thread Andreas Mohr
Hi, On Mon, Apr 11, 2005 at 02:07:47PM +0100, Mike Hearn wrote: > On Sun, 2005-04-10 at 19:42 -0500, Robert Shearman wrote: > > You're forgetting the reason why we need the suid root binary - > > because allowing processes to set their priority as realtime (or > > otherwise very high) leaves the s

Re: real SetProcessClass and SetThreadPriority support

2005-04-11 Thread Mike Hearn
On Sun, 2005-04-10 at 19:42 -0500, Robert Shearman wrote: > You're forgetting the reason why we need the suid root binary - > because allowing processes to set their priority as realtime (or > otherwise very high) leaves the system open to a trvial DoS attack. > Not only do the startup code paths n

Re: real SetProcessClass and SetThreadPriority support

2005-04-10 Thread Robert Shearman
Mike Hearn wrote: On Fri, 08 Apr 2005 13:29:56 -0500, Robert Shearman wrote: 2. setuid binaries make sysadmins nervous and would require a security audit by us. Yes, they don't need to make it setuid, but then the people who do could run their programs as root anyway. Presumably only the c

Re: real SetProcessClass and SetThreadPriority support

2005-04-09 Thread Mike Hearn
On Fri, 08 Apr 2005 13:29:56 -0500, Robert Shearman wrote: > > wineserver would need to be a setuid program but it could set > > CAP_SYS_NICE at startup and immediately reduce it's privileges back to > > normal. > > There are a number of problems: > 1. I don't think that will work yet as the serv

Re: real SetProcessClass and SetThreadPriority support

2005-04-08 Thread Robert Shearman
Robert Reif wrote: Robert Shearman wrote: Robert Reif wrote: Are there any plans or is anyone working on mapping Windows SetProcessClass and SetThreadPriority support to linux process priorities on kernels that support CAP_SYS_NICE? Mapping Win32 thread priority levels to Linux nice levels is fair

Re: real SetProcessClass and SetThreadPriority support

2005-04-07 Thread Robert Reif
Robert Shearman wrote: Robert Reif wrote: Are there any plans or is anyone working on mapping Windows SetProcessClass and SetThreadPriority support to linux process priorities on kernels that support CAP_SYS_NICE? Mapping Win32 thread priority levels to Linux nice levels is fairly trivial, but co

Re: real SetProcessClass and SetThreadPriority support

2005-04-05 Thread Troy Rollo
On Wed, 6 Apr 2005 14:04, Robert Shearman wrote: > The > last time a discussion like this came up, we (Wine developers and Cedega > developers) requested a way of changing a thread's relative priority > within a process (without affecting the overall CPU time the process > gets) This is far from t

Re: real SetProcessClass and SetThreadPriority support

2005-04-05 Thread Robert Shearman
Robert Reif wrote: Are there any plans or is anyone working on mapping Windows SetProcessClass and SetThreadPriority support to linux process priorities on kernels that support CAP_SYS_NICE? Mapping Win32 thread priority levels to Linux nice levels is fairly trivial, but convincing kernel develop

real SetProcessClass and SetThreadPriority support

2005-04-04 Thread Robert Reif
Are there any plans or is anyone working on mapping Windows SetProcessClass and SetThreadPriority support to linux process priorities on kernels that support CAP_SYS_NICE?