On Mon, Nov 7, 2011 at 14:58, Alan Cox <alan@xxxxxxxxxxxxxxxxxxx> wrote: >> Right, rlimit approach guarantees a simple way of dealing with users >> across all tmpfs instances. > > Which is almost certainly not what you want to happen. Think about direct > rendering. > > For simple stuff tmpfs already supports size/nr_blocks/nr_inodes mount > options so you can mount private resource constrained tmpfs objects > already without kernel changes. No rlimit hacks needed - and rlimit is > the wrong API anyway. What part of the message did you read? This is about _per_user_ limits, not global limits! Any untrusted user can fill /dev/shm today and DOS many services that way on any machine out there. Same for /tmp when it's a tmpfs, or /run/user. This is an absolutely unacceptable state and needs fixing. I don't care about which interface it is, if someting else fits better, let's discuss that, but it has surely absolutely noting to do with size/nr_blocks/nr_inodes. Kay -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>