Re: security implications (was Re: Proposal: restrict link(2))

Dave Cole (dave@edipost.auspost.com.au)
Tue, 17 Dec 1996 10:33:33 +1100 (EST)


On Mon, 16 Dec 1996, Keith Rohrer wrote:

>
> > So what have I learned:
> > o /tmp and /home and /usr should be on different partitions
> If you can manage it. You'd likely want to make /home separate to save
> hassle when upgrading/re-installing the system. /tmp being on its own
> filesystem can prevent some denial of service attacks.

Talking about denial of service attacks using /tmp; we did it to
ourselves accidentally on a SunOS machine. We ran Adobe Distiller on a
PostScript file that had 100,000 pages. We noticed sometime the next day
that the machine had slowed to a crawl.

It turns out that Distiller was creating a file in /tmp for every page
processed. We had about 100,000 zero length files in /tmp. Under SunOS,
directories never shrink, so we had to remake the file system to get back
normal performance.

I suppose we could have avoided the mkfs if we had:
# mount /dev/sd4e /.tmpfs
# mkdir /.tmpfs/tmp
# ln -s /.tmpfs/tmp /tmp

Then we could have just created a new directory in /.tmpfs and pointed
the symlink at the new directory.

I have not bothered to check if ext2fs shrinks directories, maybe this
"technique" would work on Linux too.

- Dave