On 07/12/2016 06:15 AM, Lennart
Right---the entire process trees were started by the user for some
specific purpose, and this mechanism can't just arbitrarily kill
parts of that tree, so, as you point out, the children of the
'whitelisted' processes would would have to inherit the immunity.
That's hardly useful, as "screen" alone is useless as it's just a
frontend to other programs (such as a shell that is run inside the
"screen" instance), and if we kill those, then "screen" doesn't need
to be around either...
This shows why it's a difficult problem and also that we may be
trying to discuss and solve it on the wrong level. The goal is to
kill processes that have no business persisting, while leaving the
useful ones---but how do we determine what should persist? We're
trying to do some heuristics here, and I am not sure if they can be
Perhaps we should be looking at a different level, seeing the
situation in terms of a desired function/objective rather than
looking at individual processes; or having a different activation
sequence ('run normally/ephemerally' vs 'run persistently'); or
looking at the process behavior (kill everything that sits in
select()). Then again, the behavior should depend on the device:
different on a handheld, desktop and server.