Path: utzoo!attcan!uunet!decwrl!sdd.hp.com!apollo!tim
From: tim@apollo.HP.COM (Timothy R. Giebelhaus)
Newsgroups: comp.sys.apollo
Subject: Re: Renice and ppri, only for those that are authorised??
Message-ID: <4d4bd8fb.20b6d@apollo.HP.COM>
Date: 9 Oct 90 15:18:00 GMT
References: <836@eba.eb.ele.tue.nl> <1990Oct5.170012.13818@alchemy.chem.utoronto.ca> <4d46b8d1.12c9a@digital.sps.mot.com>
Sender: root@apollo.HP.COM
Reply-To: tim@apollo.HP.COM (Timothy R. Giebelhaus)
Organization: Hewlett-Packard Company, Apollo Division; Chelmsford, MA
Lines: 28

In article <4d46b8d1.12c9a@digital.sps.mot.com> chen@digital.sps.mot.com (Jinfu Chen) writes:
>You may even shock if you're running pre-SR10.2, anyone can sigp (kill) any
>process not own by the user.

This transcript is from running bsd.  Yes, one can change priority, but
by changing the rights on the node owners file, one can control who can
kill processes:

stubai% renice 20 -p 6699
6699: old priority 0, new priority 20
stubai% kill -TERM 6699
6699: Not owner
stubai% ps guaxN | grep xload | grep user
uid = 4d4bc4a4.60018998          user      6699 1376  290 ?       S N   0:02 xload
stubai% sigp -s -u 4d4bc4a4.60018998
?(sigp) Unable to signal "uid_process" - permission denied (OS/level 2 process manager)
stubai% lsacl /sys/node_data/node_owners
   Object ACL:
        root.%.%                prwx-
        %.staff.%               [Ignore]
        %.%.none                [Ignore]
        %.%.%                   ----k
      Extended entry mask:      -----
stubai%

UUCP: uunet!hi-csc!apcimsp!tim
ARPA: tim@apollo.com
Contents of this message has nothing to do with work.