On Tue, 2004-07-13 at 10:55, Andrew Jorgensen wrote:
> Except that it's conceivable that someone would execute something
> outside of a shell, using ssh or something similar. I'd be interested
> in hearing other ideas. It seems like this is something that should
> be part of the various security services. A non-root user can't give
> his processes higher priorities, for instance, so apparently there's
> something limiting the highest priority a user can have. This same
> mechanism ought to be able to so something her.
Since niced_bash is the login shell, there is no way to get around it.
It is the first thing ssh executes when you log in. Of course you are
correct in stating that a user can arbitrarily bump his priority back up
to normal with the renice command.
Michael
>
> On Mon, 12 Jul 2004 15:21:47 -0500, Michael Halcrow <[EMAIL PROTECTED]> wrote:
> > On Mon, Jul 12, 2004 at 03:05:33PM -0600, J. Troy Carpenter wrote:
> > > Is there a away to set up a particular user such that every command
> > > they perform from the command line is scheduled with a specific
> > > priority (be it low or high)?
> >
> > There are a couple different ways to go about it. Personally, I would
> > just write a wrapper shell:
> >
> > [EMAIL PROTECTED]:~$ cat niced_bash.c
> > #include <unistd.h>
> >
> > int main( int argc, char** argv, char** envp )
> > {
> > nice( 19 );
> > execve( "/bin/bash", argv, envp );
> > }
> >
> > Copy it to /bin/niced_bash, then edit the passwd to use your wrappered
> > shell:
> >
> > demoted:x:1005:100::/home/demoted:/bin/niced_bash
> >
> > I wrote this up really quick and tested it, and everything seemed to
> > go smoothly on my box. Depending on exactly what you need to do, this
> > may need some tweaking.
> >
> > Mike
> > .___________________________________________________________________.
> > Michael A. Halcrow
> > Security Software Engineer, IBM Linux Technology Center
> > GnuPG Fingerprint: 05B5 08A8 713A 64C1 D35D 2371 2D3C FDDA 3EB6 601D
> >
> > I didn't say it was your fault. I only said I was going to blame
> > you.
> >
> >
> >
>
> ____________________
> BYU Unix Users Group
> http://uug.byu.edu/
> ___________________________________________________________________
> List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
--
Michael L Torrie <[EMAIL PROTECTED]>
____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
