Re: max symlink = 5? ?bug? ?feature deficit?

[Al Viro]

On Sun, Feb 12, 2006 at 12:36:37PM -0700, Matthew Wilcox wrote:
> On Sun, Feb 12, 2006 at 06:06:01PM +0000, Al Viro wrote:
> > On Fri, Feb 10, 2006 at 07:31:07PM -0800, Linda Walsh wrote:
> > > The maximum number of followed symlinks seems to be set to 5.
> > > 
> > > This seems small when compared to other filesystem limits.
> > > Is there some objection to it being raised?  Should it be
> > > something like Glib's '20' or '255'?
> 
> Just a note (which Al probably considered too obvious to point out), but
> MAX_NESTED_LINKS isn't the maximum number of followed symlinks.  It's
> the number of recursions we're limited to.  The maximum number of
> symlinks followed is 40 (see fs/namei.c:do_follow_link).
> 
> Al, would it be worth making 40 an enumerated constant in the same
> enumeration as MAX_NESTED_LINKS?  Something like this:

Umm...  Maybe.  Note that this 40 is to kill very long iterations in
symlinks that are not too deeply nested, but resolving them would
traverse a lot (symlink can have a _lot_ of components - easily as much
as 2048, which leads to 2^55 lookups with depth limited to 5; since
process is unkillable during lookup and it's easy to do a setup where it
wouldn't block on IO...)

IOW, this limit doesn't come from stack overflow concerns - it's just an
arbitrary cutoff point to stop a DoS.  We can easily lift it to e.g.
256 if there's any real need.  Or make it sysctl-controlled; whatever...

The real hard limit is on nested symlinks.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/