Bugtraq mailing list archives
Re: Linux kernel filesystem oddities
From: peak () kerberos troja mff cuni cz (Pavel Kankovsky)
Date: Wed, 8 Jul 1998 19:12:20 +0200
On Sun, 5 Jul 1998, Michal Zalewski wrote:
Any amount of data, overriding quotas and kernel resource limits, can be stored in root-owned +t directory (like /tmp) - inside... filenames!
Interesting... the same idea popped up in my mind during the weekend. On the other hand, I am sure this is not Linux specific. [...]
Ah, the same problems are with FIFOs created in root-owned dirs, because FIFO is not treated as file. To Alan: You might not argue with me, but I think there's something wrong with Linux philosophy, if any user is able to bypass kernel file limits and quotas.
FIFO itself occupies a single inode, no block, therefore charging inode quota but not block quota is correct.
But it seems to be hard to fix. FIFO (and maybe other 'non-file' objects) should be probably treated as ordinary file when calculating quota.
But there will be problem with hard-links - creator of this object is...
Hardlink is not a fs object, it is a directory entry. The world writable directory is a real problem. It is similar to world writable files: anyone can use them to store data on its owner. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "You can't be truly paranoid unless you're sure they have already got you."
Current thread:
- SmurfLog 1.0 Bug Lord (Jul 03)
- Linux kernel filesystem oddities Michal Zalewski (Jul 05)
- sentry Paul Boehm (Jul 08)
- Re: Linux kernel filesystem oddities Pavel Kankovsky (Jul 08)
- Re: Linux kernel filesystem oddities Michal Zalewski (Jul 06)
- Re: Linux kernel filesystem oddities Pavel Kankovsky (Jul 08)
- Re: Linux kernel filesystem oddities Jeffrey Hutzelman (Jul 09)
- dslip package David Kopstain (Jul 09)
- SLMail 3.0.2421 Stack Overflow... Aleph One (Jul 09)
- Linux kernel filesystem oddities Michal Zalewski (Jul 05)
- Re: SmurfLog 1.0 Bug Lord (Jul 10)
- Re: port 0 scanning Lamont Granquist (Jul 09)
- Regarding Mudge's OBP/FORTH root hack (PHRACK53) Jericho Nunn (Jul 10)