On Fri, 2007-01-12 at 19:01 -0500, lanas wrote: > 3) Adjusted access to priorities by adding this > to /etc/security/limits.conf: > > # Added for audio > * - rtprio 99 > * - nice -10 > * - memlock 4000000 > > BTW, I read that the above is an insecure configuration. So, some > finetuning could be done with that. There's an active Fedora > Firewall, as well as SELinux, so maybe this is not as critical as it > sounds. I'd appreciate any input on this. It all boils down to who can use programs that run with realtime priorities and whether you trust them. The above conf (which I use) gives access to everybody - meaning anybody can potentially hang the machine, either through buggy software, a mistake or intentionally. You can of course restrict things a bit more by using unix groups and only give access to a group of users (which you presumably trust...), then that's more "secure". Still, allowed users can hang the machine if they want. You could also restrict the range of priorities users can use, add a watchdog program that runs at a higer priority and kills or downgrades the scheduler to SCHED_OTHER of processes that are hogging the cpu - but IMHO things get complicated too fast, and sometimes you may _want_ to hog the cpu :-) ... If you are the only user then the above configuration is fine... -- Fernando