From: Mark Mielke <mark@mark.mielke.cc>
To: Kasper Dupont <kasperd@daimi.au.dk>
Cc: Linux-Kernel <linux-kernel@vger.kernel.org>
Subject: Re: [RFC] ext2 and ext3 block reservations can be bypassed
Date: Tue, 14 May 2002 11:56:55 -0400 [thread overview]
Message-ID: <20020514115655.A22935@mark.mielke.cc> (raw)
In-Reply-To: <200205131709.g4DH9Fjv006328@pincoya.inf.utfsm.cl> <3CE1300A.990919E2@daimi.au.dk>
1) You can always submit a patch, and see whether other people approve of it.
2) If you won't do it, why would somebody else working on something that
provides lower latency to user process response time, or improvement
to the IDE drivers, take the time to deal with this issue?
You need to either do 1), or convince somebody to do 2).
As it is, there are plenty of other denial-of-service type attacks
that can be performed that would be more effective than the 'exploit'
you have mentioned. Your proposal would need to be 'fix them all', if
your complaint is that Linux has a security hole.
If you complaint is that an administrator might mistakenly believe
that it is a security feature, I suggest your understand that this is
merely one issue of quite a few. If the administrator is not aware of
issues such as these, perhaps they should not be an administrator?
mark
On Tue, May 14, 2002 at 05:40:58PM +0200, Kasper Dupont wrote:
> Horst von Brand wrote:
> >
> > Elladan <elladan@eskimo.com> said:
> >
> > [...]
> >
> > > Regardless of whether it's a good thing to depend on security-wise, it
> > > is a problem to have something that appears to be a security feature
> > > which doesn't actually work.
> >
> > It is _not_ a security feature, it is meant to keep the filesystem from
> > fragmenting too badly. root can use that space, since root can do whatever
> > she wants anyway.
>
> My point was that anybody can use this space if they want to.
>
> While this feature might not be intended to be used for
> security purposes, the documentation says the space is
> reserved for the super-user. And in many cases it would be
> convenient to use the feature for that purpose.
>
> Since this would be a usefull feature for many people, and
> since it AFAIK cannot be acomplished with quotas, I suggest
> we find a way to make it work like most people would expect.
>
> Would it cause any problems if the kernel ensured that the
> block reservations could not be bypassed by users?
>
> I have not yet verified if the same problem exists when
> using quotas. (My kernel is compiled without quotas). But
> if it does I guess we all would like to have it fixed.
>
> --
> Kasper Dupont -- der bruger for meget tid på usenet.
> For sending spam use mailto:razor-report@daimi.au.dk
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
mark@mielke.cc/markm@ncf.ca/markm@nortelnetworks.com __________________________
. . _ ._ . . .__ . . ._. .__ . . . .__ | Neighbourhood Coder
|\/| |_| |_| |/ |_ |\/| | |_ | |/ |_ |
| | | | | \ | \ |__ . | | .|. |__ |__ | \ |__ | Ottawa, Ontario, Canada
One ring to rule them all, one ring to find them, one ring to bring them all
and in the darkness bind them...
http://mark.mielke.cc/
next prev parent reply other threads:[~2002-05-14 16:02 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-05-12 16:23 [RFC] ext2 and ext3 block reservations can be bypassed Kasper Dupont
2002-05-12 16:42 ` Jakob Østergaard
2002-05-12 17:34 ` Elladan
2002-05-12 18:15 ` Alexander Viro
2002-05-12 18:37 ` Elladan
2002-05-12 19:02 ` Jakob Østergaard
2002-05-12 19:04 ` Mark Mielke
2002-05-13 17:09 ` Horst von Brand
2002-05-13 17:52 ` Elladan
2002-05-13 17:57 ` Christoph Hellwig
2002-05-14 16:22 ` Elladan
2002-05-14 16:55 ` Mark Mielke
2002-05-14 17:47 ` Elladan
2002-05-14 18:51 ` Kasper Dupont
2002-05-15 19:48 ` Pavel Machek
2002-05-15 20:29 ` Alan Cox
2002-05-14 15:40 ` Kasper Dupont
2002-05-14 15:56 ` Mark Mielke [this message]
2002-05-14 18:25 ` Kasper Dupont
[not found] <791836807@toto.iv>
2002-05-12 22:04 ` Peter Chubb
2002-05-12 22:53 ` Alexander Viro
2002-05-13 4:22 ` Kasper Dupont
2002-05-13 4:51 ` Elladan
-- strict thread matches above, loose matches on Subject: below --
2002-05-14 17:53 Jesse Pollard
2002-05-14 18:23 ` Mark Mielke
2002-05-14 19:11 ` Alexander Viro
2002-05-14 18:00 Jesse Pollard
2002-05-14 18:07 Jesse Pollard
2002-05-14 18:54 Jesse Pollard
2002-05-14 19:04 ` Alexander Viro
2002-05-14 19:55 ` Mark Mielke
2002-05-14 19:29 Jesse Pollard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020514115655.A22935@mark.mielke.cc \
--to=mark@mark.mielke.cc \
--cc=kasperd@daimi.au.dk \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox