Hi Todd,

Todd Whitesel wrote:
> 
> This is a random idea I came up with while trying to imagine a solution to
> fork-bombs. It's like extending the "joe user mount point" idea to swap.

I agree that this is still a problem that needs to be dealt with.
Limiting the amount of user processes and the amount of memory these
processes can use is possible already. The only thing missing is
a more finegrained control, which allows different settings for
different users.

[...]
> If a process needs swap, then user access is tested for all swap files, then
> group access, then other access. The first swap file that allows access is
> used to obtain the new page. Changes in permissions do not affect pages after
> they have been allocated. A swap file can be decommissioned by removing all
> execute permission, waiting for all processes using its pages to exit, and
> then issuing a kernel call to 'unmount' it.

(Offtopic :
IMHO, we should have a mechanism, that allows us to mark a certain
swap partition for removal. Then try to move all allocated pages
into memory and have the kernel/pagedaemon allocate a different
page on different swap space, thus freeing the marked partition
for removal. )

However, I think your approach doesn't scale well. Imagine the overhead
to walk through the list of possible swap files for lots of swap files/
lots of users. IMHO, a simple list with user/allowed mem(/allowed
processor
usage) should do. I agree that your approach is more flexible, but it's
also
more complicated. :-) 

  Guenther