Re: [PATCH 1/2] fs/efivarfs: restrict inode permissions

From: Andi Kleen
Date: Wed Feb 21 2018 - 13:21:26 EST

Next message: Brendan Higgins: "Re: [PATCH v2 1/1] clk: npcm750: update text with fixed clocks"
Previous message: Ard Biesheuvel: "Re: [PATCH 2/2] i2c: add support for Socionext SynQuacer I2C controller"
In reply to: Linus Torvalds: "Re: [PATCH 1/2] fs/efivarfs: restrict inode permissions"
Next in thread: Luck, Tony: "Re: [PATCH 1/2] fs/efivarfs: restrict inode permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> But it should be fairly easy to just add a 'struct ratelimit_state' to
> 'struct user_struct', and then you can easily just use
>
> '&file->f_cred->user->ratelimit'
>
> and you're done. Make sure the initial root user has it unlimited, and
> limit it to something reasonable for all other user allocations.

How about uid name spaces? Someone untrusted in a container could
create a lot of uids and switch between them.

A global rate limit seems better. While in theory it allows DoS
it's probably not worse than a lot of others we have with
other resources, and it's relatively harmless.

-Andi

Next message: Brendan Higgins: "Re: [PATCH v2 1/1] clk: npcm750: update text with fixed clocks"
Previous message: Ard Biesheuvel: "Re: [PATCH 2/2] i2c: add support for Socionext SynQuacer I2C controller"
In reply to: Linus Torvalds: "Re: [PATCH 1/2] fs/efivarfs: restrict inode permissions"
Next in thread: Luck, Tony: "Re: [PATCH 1/2] fs/efivarfs: restrict inode permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]