[racket] adding other objects to custodian

Matthew Flatt wrote:
>At Sun, 4 Jul 2010 21:08:33 -0400, Sam Tobin-Hochstadt wrote:
>I'm not getting the point here. As far as I know, a subprocess can
>create a new session in much the same way that it can create a new
>group

Yes, any process which is not a process group leader can call setsid
to create a new session, thereby becoming the session leader of the
new session as well as the process group leader of a new process group
in that new session (older versions of Unix, like SunOS when it was
still called SunOS, didn't have all this session mess, which was nicer
but also meant that, as http://82.25.54.149/FGA/bernstein-on-ttys/cttys.html
puts it, it was also "very difficult to detect, let alone revoke,
whether another user [had] access to a tty", which is a nice way to
say that it was a big security hole, for the little story).

In general I don't think there's a way in Unix to kill a set of
processes that actively work against being killed, short of shutting
down the machine: surviving processes can always try to re-fork+exec
new processes faster that you can find and kill them.

>> From a best effort perspective, I think sending the signal to the
>> process group is more custodian-like.
>
>I'm not sure I understand this suggestion, either. Do you mean that
>Racket should create a process group for each subprocess that it
>launches? Wouldn't that interfere with the role of process groups for
>job control in a shell?

Sam's idea (I believe) is that in practice 99% of programs are "well
behaved" and don't create new process groups or new sessions, in which
case all the processes are in one (new) group (created for that
purpose) and are easy to kill at once.  That sounds reasonable to me.

Philippe