On 07/12/2016 06:15 AM, Lennart Poettering wrote:
That's hardly useful, as "screen" alone is useless as
it's just a
frontend to other programs (such as a shell that is run inside the
"screen" instance), and if we kill those, then "screen" doesn't
to be around either...
Right---the entire process trees were started by the user
specific purpose, and this mechanism can't just arbitrarily kill parts
of that tree, so, as you point out, the children of the 'whitelisted'
processes would would have to inherit the immunity.
This shows why it's a difficult problem and also that we may be trying
to discuss and solve it on the wrong level. The goal is to kill
processes that have no business persisting, while leaving the useful
ones---but how do we determine what should persist? We're trying to do
some heuristics here, and I am not sure if they can be good enough.
Perhaps we should be looking at a different level, seeing the situation
in terms of a desired function/objective rather than looking at
individual processes; or having a different activation sequence ('run
normally/ephemerally' vs 'run persistently'); or looking at the process
behavior (kill everything that sits in select()). Then again, the
behavior should depend on the device: different on a handheld, desktop