Re: ext3 IO latency measurements (was: Linux 2.6.29)

From: Bron Gondwana
Date: Fri Mar 27 2009 - 08:20:25 EST


On Fri, Mar 27, 2009 at 11:22:48AM +0000, Alan Cox wrote:
> > Is this the same Alan Cox who thought a couple of months ago that
> > having an insanely low default maximum number of epoll instances was a
> > reasonable answer to a theoretical DoS risk, despite it breaking
> > pretty much every reasonable user of the epoll interface?
>
> In the short term yes - because security has to be a very high priority.
> Lesser of two evils.

So turn the machine off.

It seems to me that having atime turned on is a DoS risk. Any punk
can cause lots of disk IO that will make everyone else's fsync's
turn into molasses simply by reading lots of files. ZOMG (as the
kiddies of today would say) - we'd better fix this DoS risk by
disabling or rate limiting this dangerous vector (eleventyone!)

Bron ( ok, I'm getting a bit silly here - but if we blocked every
potential DoS by making sure a single user could only use a
small percentage of the machine's total capacity at maximum... )