From mboxrd@z Thu Jan 1 00:00:00 1970 Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) From: arisawa In-Reply-To: <1fccf1df5e46d5fa5235a40a90a001e3@brasstown.quanstro.net> Date: Wed, 28 Jan 2015 15:50:16 +0900 Content-Transfer-Encoding: quoted-printable Message-Id: References: <0F748B67-FB11-464C-84FA-66B4E0B29918@9.offblast.org> <44900c0d4896622fa8a9411b05efe730@brasstown.quanstro.net> <7A132462-4747-471A-A4BF-D9381E38A4EA@ar.aichi-u.ac.jp> <4c37cf728d5b0e7ae4ebd3c2e0c2cee4@brasstown.quanstro.net> <3a6fb8671dae34eb5b4e0ebe3992bcfd@brasstown.quanstro.net> <1fccf1df5e46d5fa5235a40a90a001e3@brasstown.quanstro.net> To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Subject: Re: [9fans] protection against resource exhaustion Topicbox-Message-UUID: 3cd6dbfc-ead9-11e9-9d60-3106f5b1d025 Hello, > nonetheless, i have experience running multi-user plan 9 systems, and = users > were not usually the issue. Eric=E2=80=99s users are all gentleman, all careful people and all = skillful programmers. If your system is served for university students, you will have = different thought. > i think you've turned a problem with bounded recovery time into a > situation where the recovery code itself will inadvertently dos attack = its > users. in case that a process failed in getting resource such as memory or = process,=20 what it should do is very limited: puts out some message and exits. this is right behavior. I have never seen programs that retry malloc() or fork() until succeed. if all processes retry them, the system will get down. this is what I have observed in current plan9 kernel. if any one has cleaner solution, i.e., a solution that never kill = innocent process, I want to see it.