Tom Lane wrote:
> A less dangerous way of approaching it might be to have an option
> whereby the postmaster invokes 'uptime' via system() every so often
> (maybe once a minute?) and throttles on the basis of the results.
> The reaction time would be poorer, but security would be a whole lot
> better.
Rather than do system('uptime') and incur the process start-up each time,
you could do fp = popen('vmstat 60', 'r'), then just read the fp.
I believe vmstat is fairly standard. For those systems
which don't support vmstat, it could be faked with a shell script.
You could write the specific code to handle each arch, but it's
a royal pain, because it's so different for many archs.
Another possibility could be to read from /proc for those systems
that support /proc. But I think this will be more variable than
the output from vmstat. Vmstat also has the added benefit of
providing other information.
I agree with Tom about not wanting to open up /dev/kmem,
due to potential security problems.
Neal
