On Thu, Jul 14, 2016 at 5:48 AM, Serge E. Hallyn <[email protected]> wrote: > Quoting Kees Cook ([email protected]): >> I think the original CAP_SYS_NICE should be fine. A malicious >> CAP_SYS_NICE process can do plenty of insane things, I don't feel like >> the timer slack adds to any realistic risks. > > Can someone give a detailed explanation of what you could do with > the new timerslack feature and compare it to what you can do with > sys_nice?
Looking at the man page for CAP_SYS_NICE, it looks like such a task can set a task as SCHED_FIFO, so they could fork some spinning processes and set them all SCHED_FIFO 99, in effect delaying all other tasks for an infinite amount of time. So one might argue setting large timerslack vlaues isn't that different risk wise? thanks -john
