On Mon, Jul 21, 2003 at 01:27:06PM -0400, Jan Harkes wrote:
> - Refcounting issues, a rogue application can quickle use up kernel
> resources by requesting thousands of cookies, he isn't even limited by
> per-process resource limits, as it is possible to open a file, grab a
> cookie, and close the file. The only 'solution' you have is a timeout
> on the cookie, possibly this could be extended by some scheme where
> cookies are dropped more agressivly. But any such solution will either
> not be sufficient to protect the system from resource exhaustion or
> provide the opportunity for denial of service attacks.
Best of all: How big you make the number, doesn't matter: You can
always guess such numbers as a local attacker. If not now, then
in some years (want to recompile all existing applications then?).
cmsg(SCM_RIGHTS) is the much better solution, if you really have
processes, which are neither a sibling nor a parent/child
relationship.
And it's also ugly enough ;-)
Regards
Ingo Oeser
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Jul 23 2003 - 22:00:45 EST