%40࣮ߦํࣜͷΞΫηε੍ޚੑೳൺֱ w ඵؒϦΫΤετΛ૿Ճͤ͞ͳ͕Βඵ ؒϨεϙϯεΛܭଌ w ͷैདྷͷΞΫηε੍ޚ΄ͱΜͲੑ ೳ͕Ͱ͍ͯͳ͍ w ͷఏҊ͢ΔΞΫηε੍ޚΞΫηε ੍ޚແ͠ͷ߹ͱൺͯ΄ͱΜͲΦʔ όʔϔουແ͠ ੨ɿΞΫηε੍ޚແ͠ ɿఏҊ͢ΔΞΫηε੍ޚ ɿैདྷͷΞΫηε੍ޚ
$(*࣮ߦํࣜͷΞΫηε੍ޚੑೳൺֱ w ඵؒϦΫΤετΛ૿Ճͤ͞ͳ͕ΒඵؒϨ εϙϯεΛܭଌ w $(*ͷΞΫηε੍ޚͷ༗ແʹؔΘΒͣ$(* ͷ࣮ߦํࣜͷΦʔόʔϔου͕େ͖͍ͨΊɺ ΞΫηε੍ޚʹΑΔΦʔόʔϔουແ͍ w ষͷ$(*ͷΞΫηε੍ޚTVFYFDͱಉ ͷੑೳͰ͋Δ͜ͱ͕ষͰ࣮ݧࡁΈ ੨ɿΞΫηε੍ޚແ͠ ɿैདྷͷΞΫηε੍ޚ ɿఏҊ͢ΔΞΫηε੍ޚ
Ϧιʔε੍ޚͷઃఆྫ r = Apache::Request.new if r.filename == “/path/to/cpu.cgi” cpu = Cgroup::CPU.new “cpu_group” # CPU 10 cpu.cfs_quota_us = 10000 cpu.create cpu.attach end
Ϧιʔε੍ޚͷઃఆྫ r = Apache::Request.new if r.hostname == “example.com” cpu = Cgroup::CPU.new “cpu_group” # CPU 10 cpu.cfs_quota_us = 10000 cpu.create cpu.attach end
Ϧιʔε੍ޚͷઃఆྫ r = Apache::Request.new if r.user== “matsumotory” cpu = Cgroup::CPU.new “cpu_group” # CPU 10 cpu.cfs_quota_us = 10000 cpu.create cpu.attach end
Ϧιʔε੍ޚͷઃఆྫ r = Apache::Request.new if r.finfo.user == 500 cpu = Cgroup::CPU.new “cpu_group” # CPU 10 cpu.cfs_quota_us = 10000 cpu.create cpu.attach end
Ϧιʔε੍ޚͷઃఆྫ r = Apache::Request.new if r.finfo.group == 300 cpu = Cgroup::CPU.new “cpu_group” # CPU 10 cpu.cfs_quota_us = 10000 cpu.create cpu.attach end
Ϧιʔε੍ޚͷઃఆྫ r = Apache::Request.new if r.finfo.size > 3000 cpu = Cgroup::CPU.new “cpu_group” # CPU 10 cpu.cfs_quota_us = 10000 cpu.create cpu.attach end
ຊจʹؚ·ΕΔൃදจݙ ࠃࡍձٞൃදʢࠪಡ͖ʣ 1 Ryosuke Matsumoto, Yasuo Okabe, Access Control Architecture Separating Privilege by a Thread on a Web Server, The 12th IEEE/IPSJ International Symposium on Applications and the Internet (SAINT2012), pp.178-183, July 2012.
matsumoto_r
yudai00
monochromegane
takeshi_koshizuka
atsushi_ando
yowata
trafficbrain
uepon73
yukizenimoto
matsui_528
ept
mhangyo
shimacos
addyosmani
kneath
yeseniaperezcruz
tenderlove
gr2m
speakerdeck
caitiem20
jmmastey
danielanewman
philnash
zakiwarfel
philhawksworth