Subject: Re: Using a +t /tmp for chpass(1)
To: Elad Efrat <elad@NetBSD.org>
From: Hubert Feyrer <hubert@feyrer.de>
List: tech-security
Date: 10/09/2006 19:34:56
On Mon, 9 Oct 2006, Elad Efrat wrote:
> Solutions discussed varied from kernel changes to limit signals to
> set-id processes (so that, for example, SIGKILL can't be sent; like
> how we limit coredumps of set-id processes), but eventually we chose
> a different solution.
...
> So, here goes -- is the above okay?

Maybe a solution that does not involve changing userland code (and thus 
leaving a chance to do things wrong) can be found? As a first idea, 
limiting signal delivery sounds ok to me for that, but I'm no guru in that 
(complex) area...


  - Hubert