From: Mark Mielke <mark@mark.mielke.cc>
To: Jesse Pollard <pollard@tomcat.admin.navo.hpc.mil>
Cc: elladan@eskimo.com, Christoph Hellwig <hch@infradead.org>,
Linux-Kernel <linux-kernel@vger.kernel.org>
Subject: Re: [RFC] ext2 and ext3 block reservations can be bypassed
Date: Tue, 14 May 2002 14:23:22 -0400 [thread overview]
Message-ID: <20020514142322.C22935@mark.mielke.cc> (raw)
In-Reply-To: <200205141753.MAA70930@tomcat.admin.navo.hpc.mil>
Don't put /var/log on the same file system as /home, and don't grant
access to /var/log to any normal userid.
This isn't 'new'.
mark
On Tue, May 14, 2002 at 12:53:47PM -0500, Jesse Pollard wrote:
> If the root file system is ext2, it does become a security issue since
> currently active logs will continue to record log entries until the
> filesystem is absolutly filled. I should say, if the log device fills up,
> since the log directory is usually /var/log, or /var/adm. Some logs show
> up in etc, but that really depends on the configuration. It IS usefull if the
> filesystem is "full" due to attacks - daemons tend to terminate themselves,
> and their log entry indicates what the problem was. If it is an attack, then
> it's a security issue.
>
> The only reason it helps fragmentation (subject to actual implementor
> statements) is that the filesystem code will use every scavanged block
> possible under saturation. When the filesystem gets cleand up later,
> these excessively fragmented files will remain, and continue to cause
> access delays.
>
> Naturally, deleting (or backup/restore) the file(s) cleans up the fragmentation.
>
--
mark@mielke.cc/markm@ncf.ca/markm@nortelnetworks.com __________________________
. . _ ._ . . .__ . . ._. .__ . . . .__ | Neighbourhood Coder
|\/| |_| |_| |/ |_ |\/| | |_ | |/ |_ |
| | | | | \ | \ |__ . | | .|. |__ |__ | \ |__ | Ottawa, Ontario, Canada
One ring to rule them all, one ring to find them, one ring to bring them all
and in the darkness bind them...
http://mark.mielke.cc/
next prev parent reply other threads:[~2002-05-14 18:28 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-05-14 17:53 [RFC] ext2 and ext3 block reservations can be bypassed Jesse Pollard
2002-05-14 18:23 ` Mark Mielke [this message]
2002-05-14 19:11 ` Alexander Viro
-- strict thread matches above, loose matches on Subject: below --
2002-05-14 19:29 Jesse Pollard
2002-05-14 18:54 Jesse Pollard
2002-05-14 19:04 ` Alexander Viro
2002-05-14 19:55 ` Mark Mielke
2002-05-14 18:07 Jesse Pollard
2002-05-14 18:00 Jesse Pollard
[not found] <791836807@toto.iv>
2002-05-12 22:04 ` Peter Chubb
2002-05-12 22:53 ` Alexander Viro
2002-05-13 4:22 ` Kasper Dupont
2002-05-13 4:51 ` Elladan
2002-05-12 16:23 Kasper Dupont
2002-05-12 16:42 ` Jakob Østergaard
2002-05-12 17:34 ` Elladan
2002-05-12 18:15 ` Alexander Viro
2002-05-12 18:37 ` Elladan
2002-05-12 19:02 ` Jakob Østergaard
2002-05-12 19:04 ` Mark Mielke
2002-05-13 17:09 ` Horst von Brand
2002-05-13 17:52 ` Elladan
2002-05-13 17:57 ` Christoph Hellwig
2002-05-14 16:22 ` Elladan
2002-05-14 16:55 ` Mark Mielke
2002-05-14 17:47 ` Elladan
2002-05-14 18:51 ` Kasper Dupont
2002-05-15 19:48 ` Pavel Machek
2002-05-15 20:29 ` Alan Cox
2002-05-14 15:40 ` Kasper Dupont
2002-05-14 15:56 ` Mark Mielke
2002-05-14 18:25 ` Kasper Dupont
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020514142322.C22935@mark.mielke.cc \
--to=mark@mark.mielke.cc \
--cc=elladan@eskimo.com \
--cc=hch@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pollard@tomcat.admin.navo.hpc.mil \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.