Re: inode->i_count security hole

Bill Hawes (whawes@star.net)
Mon, 12 Jan 1998 16:21:37 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard Gooch: "Re: disk naming proposal & devfs"
Previous message: Jason McMullan: "Re: [Feature Wish] GGI in Linux 2.3"
Maybe in reply to: Chris Evans: "inode->i_count security hole"

Alan Cox wrote:
>
> > Looking forward to 2.0.34 (with idt mem leak fix? This could be used as a
> > local DoS)
>
> Actually you can do better than a DoS attack with it. The fix is to make
> i_count a long at the moment.

If this is being caused by excessive hard links, wouldn't it be easier
to set some large but sane limit on the number of hard links allowed? A
limit of 1000 or so would probably allow all legitimate uses but safely
avoid any overflows. This would be easy to enforce in the link system
call.

Regards,
Bill

Next message: Richard Gooch: "Re: disk naming proposal & devfs"
Previous message: Jason McMullan: "Re: [Feature Wish] GGI in Linux 2.3"
Maybe in reply to: Chris Evans: "inode->i_count security hole"