Isolation operation method for Linux application program

A technology of application program and operation method, applied in the computer field, which can solve the problems of interfering with the daily work of users, data security and personal privacy, hindering the normal execution of other programs, and unmaintainable system suspended animation.

Inactive Publication Date: 2015-12-09
INST OF INFORMATION ENG CAS
View PDF5 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] When users use the Linux operating system, some applications they use may perform illegal operations, leading to serious security problems. For example, some applications will maliciously occupy system resources, hinder the normal execution of other programs, and even cause the system to freeze and c

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Isolation operation method for Linux application program
  • Isolation operation method for Linux application program
  • Isolation operation method for Linux application program

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The present invention will be described in further detail below in conjunction with the accompanying drawings and embodiments. The following examples are used to illustrate the present invention, but should not be used to limit the scope of the present invention.

[0026] A method for isolated running of Linux applications, such as figure 1 As shown, the method includes the following steps:

[0027] S1. Configure a sandbox for the resources required for the Linux application to run, wherein the sandbox is configured with an independent file system, a maximum percentage of CPU time, a bound CPU core, and a maximum memory used;

[0028] S2. When the sandbox is running, the independent file system is converted into the root directory of the Linux application program;

[0029] S3. When the program is running, bind the Linux application program to the bound CPU core configured in the corresponding sandbox;

[0030] S4. When an interruption occurs, determine whether the cu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an isolation operation method for a Linux application program. The method includes the following steps that a sandbox of sources needed by operation of the Linux application program is configured for the Linux application program, and an independent file system, the maximum percent of occupied CPU time, a bound CPU core and the maximum memory in use are configured for the sandbox; the independent file system is converted into a root directory of the Linux application program; the Linux application program is bound to the bound CPU core configured in the sandbox corresponding to the Linux application program; when an interruption happens, whether the access time of the current process on a CPU is longer than the maximum access time on the CPU in a time period corresponding to the maximum percent of the occupied CPU time is judged, and if yes, the process outside the sandbox is switched to; the memory used in operation of the Linux application program is detected in real time, and operation of the Linux application program is ended when the memory is larger than the maximum memory in use. According to the isolation operation method, isolation between application programs and isolation between application programs and an operation system are achieved, and it is ensured that malicious application programs cannot threaten the operation system.

Description

technical field [0001] The invention belongs to the technical field of computers, and more specifically relates to a method for isolated running of Linux application programs. Background technique [0002] When the application program is executed on the linux operating system, it needs to use various resources provided by the linux operating system, mainly including CPU, memory, file system, and the like. Among them, the CPU provides the function of interpreting computer instructions and processing data in computer software. The memory provides the function of storing the calculation data of the CPU and the data exchanged with external memory such as hard disk. The file system provides applications with the functions of creating, opening, reading, modifying, and deleting data files. [0003] When users use the Linux operating system, some applications they use may perform illegal operations, leading to serious security problems. For example, some applications will maliciou...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/53
CPCG06F21/53
Inventor 李晨涂碧波孟丹
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap