> > This is much, much better than the "users are stupid, we must protect > > them from themselves" kind of way that other OS'es use. > > Isn't this what the kernel attempts to do in many other places? What else > could possibly be the point of sending SIGSEGV and causing applications > to dump core when they make a mistake referencing memory? Isn't it the > kernel's job to protect one application from another?
A related example: Typically, when a program (even when running as root) attempts to access I/O ports directly, it gets killed as you describe. However, the X server, running as root, can use ioperm or iopl to request permission to access the video card's I/O ports directly. When it gets that permission, it can do that and no longer gets killed. It also means the X server is capable of bringing the entire system via errant I/O port accesses if it wishes (or if it misbehaves). The general philosophy is to protect one application from another, unless an application has been specifically granted sufficient power to wreck the system. I don't remember off the top of my head whether SCHED_FIFO tasks are supposed to be able to take SMP systems down, if the # of SCHED_FIFO tasks is less than the # of CPU's. I imagine someone has thought about this in the past and answered the question one way or another, but I don't happen to know the answer. -Barry K. Nathan <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/