ronaldlees, thank you! I will read it carefully later.
I just finished a couple of experiments which I would really like some of you
to confirm, because I found interesting news (news at least for me) but also scary news.
NOTE: these experiments were made WITH swap on, WITHOUT X, with only 3 terminals
in a small virtual machine running FreeBSD-11.1.
1] The previous version of "memEater.c" I posted is completely harmless.
I saw that I can (m)allocate more than double the physical memory I have.
The system here is smart: it sees that I allocate memory and am not using it,
so it lets me do whatever I want.
1.1] The memory "memEater.c" uses does not appear in "top", but you can see it in
rctl -hu user:foo
under the name "swapuse" ==> temporary conclusion: it is useless to limit "swapuse", because it can grow out of all measure, well beyond system capabilities.
2] I wrote a second version of "memEater.c", called "memEater2.c" (it is attached), which not only allocates big chunks of memory but also [great stuff] fills it with 'a'! This makes a lot of difference!
2.1] Using "memEater2.c" you will see memory usage growing in
top
2.2] Using "memEater2.c" you will see "memoryuse" grow in the
rctl -hu user:foo
output, under the name "memoryuse".
2.3] => "memoryuse" is probably the only thing which makes sense to constrain.
3] Using "memEater2.c", at the point of eating more memory than is physically available in RAM + swap, an ugly thing happened. "memEater2.c" kept trying to eat stuff, it was not terminated by the system, and I lost control of the machine. An error message appeared in the "root" console saying something about memory, but the terminal was lost.
4] At this point I can confirm
Snurg's worries: if a malicious (non-root) user wants to hang the system he can, simply by allocating a lot of memory and writing garbage into it.
5] My conclusion is: it is imperative to limit all non-root users' "memoryuse". I don't know if it is possible, but
even better would be if it were possible to reserve some memory only for root to use. So if the system goes into stress, root can still log in and kill whatever needs to be killed.
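The difference between points 1] and 2] above (memory that is only malloc'd versus memory that is actually written) can be made visible from inside one process. The following is an added example, not the attached memEater.c/memEater2.c: it measures the growth of the process's peak resident set size via getrusage(2) (ru_maxrss, reported in kilobytes on FreeBSD and Linux) for an untouched allocation and for one filled with 'a', and it shows a safer way to reproduce the "eat until failure" loop of point 3] by first capping the process's own address space with setrlimit(RLIMIT_AS) so that malloc fails with NULL instead of the machine hanging. The 64 MiB and 256 MiB sizes are arbitrary choices for the demonstration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/time.h>

/* Peak resident set size of this process, in kilobytes (ru_maxrss is
   reported in KB on both FreeBSD and Linux); -1 on error. */
static long max_rss_kb(void)
{
    struct rusage ru;
    if (getrusage(RUSAGE_SELF, &ru) != 0)
        return -1;
    return ru.ru_maxrss;
}

/* Allocate `bytes`, optionally write every byte (as memEater2.c does with
   'a'), and return how much the peak RSS grew, in KB. An untouched
   allocation only reserves address space (visible as "swapuse" in rctl);
   a touched one needs real pages (visible as "memoryuse" and in top). */
long rss_growth_kb(size_t bytes, int touch)
{
    long before = max_rss_kb();
    if (before < 0)
        return -1;
    char *p = malloc(bytes);
    if (p == NULL)
        return -1;
    if (touch)
        memset(p, 'a', bytes);
    long after = max_rss_kb();
    free(p);
    return after - before;
}

/* Self-limited version of the memEater2 loop: cap this process's address
   space at `limit_bytes`, then allocate and fill `chunk`-sized blocks until
   malloc fails. Returns the number of chunks obtained, or -1 if the limit
   could not be set. The blocks are deliberately leaked: the point is to hit
   the ceiling, and the kernel frees everything at exit. */
int eat_until_limit(size_t limit_bytes, size_t chunk)
{
    struct rlimit rl;
    rl.rlim_cur = limit_bytes;
    rl.rlim_max = limit_bytes;
    if (setrlimit(RLIMIT_AS, &rl) != 0)
        return -1;

    int n = 0;
    for (;;) {
        char *p = malloc(chunk);
        if (p == NULL)          /* ENOMEM: the cap did its job */
            break;
        memset(p, 'a', chunk);  /* force the pages to become resident */
        n++;
    }
    return n;
}

int main(void)
{
    size_t sz = (size_t)64 << 20;   /* 64 MiB, arbitrary demo size */
    printf("malloc only:      peak RSS +%ld KB\n", rss_growth_kb(sz, 0));
    printf("malloc + memset:  peak RSS +%ld KB\n", rss_growth_kb(sz, 1));

    /* Cap ourselves at 256 MiB of address space before eating 8 MiB chunks. */
    int chunks = eat_until_limit((size_t)256 << 20, (size_t)8 << 20);
    printf("chunks obtained before malloc failed under the cap: %d\n", chunks);
    return 0;
}
```

Run it first without the cap step to see the first two lines: the untouched allocation adds (almost) nothing to the resident set, while the filled one adds roughly the full 64 MiB. The setrlimit(RLIMIT_AS) cap is per process and only protects the tester from their own test; a limit that a malicious user cannot lift has to come from outside the process, which is what the rctl "memoryuse" rule discussed above is for.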