> Hello,
>
> actually the question is in subj.
> Problem is that there is a program which needs to know physical memory
> size. This information is used to justify memory consumption as after some
> swapping performance is drops dramatically, and it is better to finish.
>
> I know that this is not the best idea, but it is assumed that this program
> is the only one running on the machine.
>
> I do not want to use proc as some people can just do not mount it.
>
> Any comments, suggestions?
In initscripts create a directory with mode=700. Create a subdirectory there.
Mount procfs on it. Get the information. umount. rmdir. rmdir. Put that
information into /etc. Let your program use that as config file.
If attacker is able to traverse root-owned directory with rwx------ when
initscripts are run he won't gain anything new from accessing procfs, since
he already can do whatever he bloody wants.
Besides, that way it's easy to port to non-Linux boxen - all system
dependencies are in the way to have /etc/memsize set by the time when
your program is run. Which can be done by echo/ed/vi/whatever.
Cheers,
Al
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/