On 07/12/2016 06:15 AM, Lennart Poettering wrote:
> That's hardly useful, as "screen" alone is useless as it's just a
> frontend to other programs (such as a shell that is run inside the
> "screen" instance), and if we kill those, then "screen" doesn't need
> to be around either...

Right---the entire process trees were started by the user for some specific purpose, and this mechanism can't just arbitrarily kill parts of that tree, so, as you point out, the children of the 'whitelisted' processes would have to inherit the immunity.
This shows why it's a difficult problem and also that we may be trying to discuss and solve it on the wrong level. The goal is to kill processes that have no business persisting, while leaving the useful ones---but how do we determine what should persist? We're trying to do some heuristics here, and I am not sure if they can be good enough.

Perhaps we should be looking at a different level, seeing the situation in terms of a desired function/objective rather than looking at individual processes; or having a different activation sequence ('run normally/ephemerally' vs 'run persistently'); or looking at the process behavior (kill everything that sits in select()). Then again, the behavior should depend on the device: different on a handheld, desktop and server.