Re: Dumping /dev/zero to the console

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Bernhard Kaindl: "[patch] for accessing all sessions of a normal mutisession cd"
• Previous message: Christopher J. Shaulis: "Re: kernel threading/clone() improvements in 2.1?"

/dev/zero can be used for a variety of things. It contains no sensitive
information (only binary zeroes :) and hence conceptually its access should
not be restricted.

There are a lot of other denial-of-service attacks that users can employ on
Linux. If there's any interest in reducing the effectiveness of
denial-of-service attacks (and improving Linux's handling of
resource-exhaustion situations) that might be a better approach than simply
denying access to this device.

It's also not hard thwart fix this sort of denial-of-service attack;
just put in code to periodically check to see if need_resched is true,
and call schedule() to yield control of the process. You should also
check to see if a signal has been posted, and exit appropriately:

if (need_resched)
schedule();
if (current->signal & ~current->blocked)
return (bytes_written ? bytes_written : -ERESTARTSYS);

Any kernel system call which might be long-lived should definitely be
doing something like this, just for robustness's sake.

- Ted

• Next message: Bernhard Kaindl: "[patch] for accessing all sessions of a normal mutisession cd"
• Previous message: Christopher J. Shaulis: "Re: kernel threading/clone() improvements in 2.1?"