Re: swapfile security weakeness

Matti Aarnio (matti.aarnio@sonera.fi)
Fri, 6 Nov 1998 23:45:58 +0200 (EET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jens Axboe: "Re: Compile failure on 2.1.127"
Previous message: Alex Belits: "Re: Comments on Microsoft Open Source document"

> Hi!
> > i've found that active swapfile could be deleted, which is
> > IMHO very dangerous (set immutable flag on in sys_swapon
> > call?). Also,
>
> Why? Under unix files disappear at close, so everything should be just
> fine. (Too lazy to check myself, did you try it?)
>
> Even if this was a problem (I think it is not), there are much better
> ways how to kill machine when you are root (cat /dev/zero > /dev/hda).

Although the roots can shoot themselves quite easily,
perhaps a mechanics to make it _slightly_ more difficult
in form of mandatory file locking and exclusive open.

I don't mean the usual O_EXCL, but something which *really*
allows only one file descriptor to open the file.

Also, modifying file i-node could not happen by somebody
else, while the file is open. (that is, no delete with
file open.. ..unless by the file opener.)

> Pavel
> --
> I'm really pavel@atrey.karlin.mff.cuni.cz. Pavel

/Matti Aarnio <matti.aarnio@sonera.fi>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jens Axboe: "Re: Compile failure on 2.1.127"
Previous message: Alex Belits: "Re: Comments on Microsoft Open Source document"