> First of all, when I make a filesystem on a block device I don't modify
> every single block of that device so it is perfectly possible to create a
> 64M ext2 filesystem on a ramdisk on a 48M physical RAM machine.
It's perfectly possible to do `dd if=/dev/zero of=/dev/<root-device>' and
trash your system from root. Or you can do `chmod a+x /dev/<root-device>' and
non-privileged user will trash your system. Now what ? You had 1000 ways to
kill your system, not you have 1001 way. Big deal...
> Now, the root mounts it somewhere and creates a subdirectory to which a
> non-privileged user can write so a non-privileged user starts creating
> files in it and easily causes out of memory bringing the box down, fscking
> all filesystems etc etc.
If root is dumb it's unfixable.
> I hope you are not going to tell me "then use quotas on all ramdisk-based
> filesystems", are you?
Do not do ramdisk more then size of physical RAM.
> I still have not learnt enough of buffer cache internals to figure out the
> way to solve this but if you (as someone who understands it better than
> me) believe that the current framework of Linux Buffer Cache makes it
> impossible then I believe we have a serious problem. And if so I will go
> back to (now I understand a silly) idea of having vmalloc'd ramdisk, i.e.
> until I understand how to solve this properly.
> Does Linus think it is acceptable? Am I missing something fundamental
> here? It clearly seems unacceptable to me, so I must be missing something
> obvious :)
WHY seems it unacceptable to you ? That's the qyestion :-)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/