>As Ingo said in an earlier a post, with a little ingenuity this problem >can be solved in user space. The programs in question can be setuid >root so that they can set RT scheduling policy BUT have their >permissions set so that they only executable by owner and group with the >group set to a group that only contains those users that have permission >to run this program in RT mode. If you wish to allow other users to run >the program but not in RT mode then you would need two copies of the >program: one set up as above and the other with normal permissions.
Just a reminder: setuid root is precisely what we are attempting to avoid. >If you have the source code for the programs then they could be modified >to drop the root euid after they've changed policy. Or even do the This is insufficient, since they need to be able to drop RT scheduling and then reacquire it again later. --p - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
