benchexec icon indicating copy to clipboard operation
benchexec copied to clipboard

Published 20 hours ago verified publisher icon sosy-lab

Create separate cgroup for main BenchExec process

Open PhilippWendler opened this issue 8 years ago • 3 comments

BenchExec should put itself in a cgroup just like it does for the benchmarked process. This will be necessary for cgroup-v2 support anyway (#133), and could be used to measure the resource usage of BenchExec (and thus the benchmarking overhead).

PhilippWendler avatar Dec 09 '16 19:12 PhilippWendler

I fully support this enhancement.

In addition to the possibility to measure BenchExec itself, this would considerably increase the security quality of BenchExec. We should keep in mind that BenchExec executes code from a wide audience of contributors on the host systems it runs on.

dbeyer avatar Nov 13 '18 10:11 dbeyer

I fully support this enhancement.

In addition to the possibility to measure BenchExec itself, this would considerably increase the security quality of BenchExec. We should keep in mind that BenchExec executes code from a wide audience of contributors on the host systems it runs on.

My suggestion was actually about the container mode (security), which is now to be discussed in issue #384.

dbeyer avatar Dec 03 '18 10:12 dbeyer