Limits to common resource utilization is through quotas. These prevent any user from hogging resources shared by all the users, which boils down to stuff like memory, cpu, i/o bandwidth and disk space.
Currently, only memory-like stuff is quotaed. These quotas are defined:
Each user that has a job running has a quota counter for each of those types that keeps track of the current usage of that type of resource. A user is not allowed to exceed his limit. If he attempts to, an error status is returned. Each of the three counters is common to all uses of the system by a given user. So starting another login will not give the user access to more resources (it would use up a little because it uses memory for his new processes, etc.).
Perhaps a way to do cpu quotas would be to assign a percentage to a user, like 10%. This would mean, allow this user up to 10% cpu time when others are waiting for a cpu. Then the system would block the users' threads from executing if they have exceeded their allotment in the past tenth second or so.
Maybe something similar could be done for I/O, but drivers would have to estimate bandwidth utilization for a given I/O request and then process them as the quota allows.
Right now, there are no quotas on disk usage. The plan is: