Hamish wrote: > And even in a chroot jail a few big loops could use up all the given > RAM or disk space by mistake or on purpose.
Memory limits can be enforced by setrlimit(), via the "ulimit" shell command or the pam_limits module. However, you can't set cumulative limits[1]. You can limit the memory usage of an invidivual process, and limit the total number of processes for a single user (UID), but you can't set a cumulative limit below the product of the maximum number of processes times the maximum memory per process. Disk usage can be restricted by using quotas or by creating a separate filesytem (e.g. on a loop device) for each account. CPU usage can be restricted on a per-process basis via setrlimit() etc. Again, there's no way to set a cumulative limit. Also, "nice" can be used to de-prioritise processes so that more important processes aren't pre-empted. [1] On Linux, control groups (cgroups) can be used to "partition" system resources. Virtual machines are another potential solution, albeit a rather heavy-weight one. -- Glynn Clements <gl...@gclements.plus.com> _______________________________________________ grass-dev mailing list grass-dev@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/grass-dev
