Re: inode->i_count security hole

Matti Aarnio (matti.aarnio@tele.fi)
Tue, 13 Jan 1998 01:26:16 +0000 (/etc/localtime)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael Elizabeth Chastain: "Re: devfs"
Previous message: Richard Gooch: "Re: devfs"

Bill Hawes writes:
> Alan Cox wrote:
> > > Looking forward to 2.0.34 (with idt mem leak fix? This could be used as a
> > > local DoS)
> > Actually you can do better than a DoS attack with it. The fix is to make
> > i_count a long at the moment.
>
> If this is being caused by excessive hard links, wouldn't it be easier
> to set some large but sane limit on the number of hard links allowed? A
> limit of 1000 or so would probably allow all legitimate uses but safely
> avoid any overflows. This would be easy to enforce in the link system
> call.

IF you do that per file-system, not at top-level!

I tend to think that 32000 links that EXT2 allows is wee bit
low limit -- but our web-server benchmark dataset is rather
weird anyway. (About 200 inodes of varying sizes, but million
names.. It gives rather pessimal figures, but they look
amazingly alike real system behaviour..)

> Regards,
> Bill

/Matti Aarnio <matti.aarnio@tele.fi>

Next message: Michael Elizabeth Chastain: "Re: devfs"
Previous message: Richard Gooch: "Re: devfs"