From: Mark Mielke <mark@mark.mielke.cc>
To: Jesse Pollard <pollard@tomcat.admin.navo.hpc.mil>
Cc: elladan@eskimo.com, Christoph Hellwig <hch@infradead.org>,
Linux-Kernel <linux-kernel@vger.kernel.org>
Subject: Re: [RFC] ext2 and ext3 block reservations can be bypassed
Date: Tue, 14 May 2002 14:23:22 -0400 [thread overview]
Message-ID: <20020514142322.C22935@mark.mielke.cc> (raw)
In-Reply-To: <200205141753.MAA70930@tomcat.admin.navo.hpc.mil>
Don't put /var/log on the same file system as /home, and don't grant
access to /var/log to any normal userid.
This isn't 'new'.
mark
On Tue, May 14, 2002 at 12:53:47PM -0500, Jesse Pollard wrote:
> If the root file system is ext2, it does become a security issue since
> currently active logs will continue to record log entries until the
> filesystem is absolutly filled. I should say, if the log device fills up,
> since the log directory is usually /var/log, or /var/adm. Some logs show
> up in etc, but that really depends on the configuration. It IS usefull if the
> filesystem is "full" due to attacks - daemons tend to terminate themselves,
> and their log entry indicates what the problem was. If it is an attack, then
> it's a security issue.
>
> The only reason it helps fragmentation (subject to actual implementor
> statements) is that the filesystem code will use every scavanged block
> possible under saturation. When the filesystem gets cleand up later,
> these excessively fragmented files will remain, and continue to cause
> access delays.
>
> Naturally, deleting (or backup/restore) the file(s) cleans up the fragmentation.
>
--
mark@mielke.cc/markm@ncf.ca/markm@nortelnetworks.com __________________________
. . _ ._ . . .__ . . ._. .__ . . . .__ | Neighbourhood Coder
|\/| |_| |_| |/ |_ |\/| | |_ | |/ |_ |
| | | | | \ | \ |__ . | | .|. |__ |__ | \ |__ | Ottawa, Ontario, Canada
One ring to rule them all, one ring to find them, one ring to bring them all
and in the darkness bind them...
http://mark.mielke.cc/
next prev parent reply other threads:[~2002-05-14 18:28 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-05-14 17:53 [RFC] ext2 and ext3 block reservations can be bypassed Jesse Pollard
2002-05-14 18:23 ` Mark Mielke [this message]
2002-05-14 19:11 ` Alexander Viro
-- strict thread matches above, loose matches on Subject: below --
2002-05-14 19:29 Jesse Pollard
2002-05-14 18:54 Jesse Pollard
2002-05-14 19:04 ` Alexander Viro
2002-05-14 19:55 ` Mark Mielke
2002-05-14 18:07 Jesse Pollard
2002-05-14 18:00 Jesse Pollard
[not found] <791836807@toto.iv>
2002-05-12 22:04 ` Peter Chubb
2002-05-12 22:53 ` Alexander Viro
2002-05-13 4:22 ` Kasper Dupont
2002-05-13 4:51 ` Elladan
2002-05-12 16:23 Kasper Dupont
2002-05-12 16:42 ` Jakob Østergaard
2002-05-12 17:34 ` Elladan
2002-05-12 18:15 ` Alexander Viro
2002-05-12 18:37 ` Elladan
2002-05-12 19:02 ` Jakob Østergaard
2002-05-12 19:04 ` Mark Mielke
2002-05-13 17:09 ` Horst von Brand
2002-05-13 17:52 ` Elladan
2002-05-13 17:57 ` Christoph Hellwig
2002-05-14 16:22 ` Elladan
2002-05-14 16:55 ` Mark Mielke
2002-05-14 17:47 ` Elladan
2002-05-14 18:51 ` Kasper Dupont
2002-05-15 19:48 ` Pavel Machek
2002-05-15 20:29 ` Alan Cox
2002-05-14 15:40 ` Kasper Dupont
2002-05-14 15:56 ` Mark Mielke
2002-05-14 18:25 ` Kasper Dupont
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020514142322.C22935@mark.mielke.cc \
--to=mark@mark.mielke.cc \
--cc=elladan@eskimo.com \
--cc=hch@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pollard@tomcat.admin.navo.hpc.mil \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox