Re: Non-US

To: debian-hurd@lists.debian.org
Subject: Re: Non-US
From: Robert Bihlmeyer <robbe@orcus.priv.at>
Date: 21 Apr 2001 17:48:10 +0200
Message-id: <87d7a6b6f9.fsf@hoss.orcus.priv.at>
In-reply-to: nisse@lysator.liu.se's message of "19 Apr 2001 23:37:05 +0200"
References: <20010406231405.A31316@nisa.net> <87n19cehd8.fsf@hoss.orcus.priv.at> <nnitk0fu66.fsf@sture.lysator.liu.se>

nisse@lysator.liu.se (Niels Möller) writes:

> > Doesn't the Hurd have mlock() ?
> 
> I think most systems don't have mlock available for mortal users.
> Right?

I only know that Linux does not allow it unless you have the
CAP_IPC_LOCK capability. Which on most systems means, that you need
root.

I consider this a bug.

But this was not the problem, as I issued the command as root.

> A better approach is to simply encrypt pages that are swapped out
> (either all swap, or configurable per user or per process).

That incurs significant overhead. Of the 76 processes running on this
box right now, only two need that level of security at the moment.
These are served fine with mlock(), IMHO.

-- 
Robbe

Attachment: signature.ng
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Non-US
  - From: nisse@lysator.liu.se (Niels Möller)

References:
- Non-US
  - From: Jeff Bailey <jbailey@nisa.net>
- Re: Non-US
  - From: Robert Bihlmeyer <robbe@orcus.priv.at>
- Re: Non-US
  - From: nisse@lysator.liu.se (Niels Möller)

Prev by Date: Re: Removal of dpkg and bsdutils from gnu-20010308.tar.gz install.
Next by Date: Re: dpkg problem installing apache-common
Previous by thread: Re: Non-US
Next by thread: Re: Non-US
Index(es):
- Date
- Thread