On Sun, 13 Jun 2004, Marcos D. Marado Torres wrote: > He can use firewalling, yes, but if it's not supposed to the kernel to > accept "0 0 0" then people shouldn't be able to select those settings, > and if it's supposed for people to have the abillity to change those > settings (including "0 0 0", which I think is good), then it's > completely obvious that users will expect the kernel to acomplish to > those settings and not simply crash. You are not expected to mess with /proc/sys/ values unless you know their effects. Only root can do that and root should know what he does. There are literally hundres of /proc/sys/ values that can mess up the system in various interesting ways. This is nothing new, it has been so ever since /proc/sys was implemented. It's even documented. (The fact that you are the first one to raise the '0 0 0' wmem issue is also an indirect proof that most people dont expect fool-proof tweakability of those switches.) so yes, the kernel gives the root user a shotgun, and as with all powers given to you, you should act responsibly with it. Even if it looks safe or obvious to you, dont clean the trigger while pointing the gun at yourself. (or at least make sure nobody stands behind you.) Ingo - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
