Bugtraq mailing list archives
Re: Solaris 10 Containers / Zones Security Flaw
From: Darren Reed <avalon () caligula anu edu au>
Date: Tue, 5 Apr 2005 03:45:55 +1000 (Australia/ACT)
In some mail from jim allan, sie said:
In-Reply-To: <424EC41F.2060901 () cox net> agreed Robert, there are many easy ways to limit this, my research was more about whether Sun had implemented sanity limits in virtual memory and cpu usage as a default. which they hadn't.
So what would you consider to be a "sane limit" ? Is a "sane limit" RAM-128MB ? Or some other magical number ? Or some formula that involves using the number of zones ? What about CPU? No more than 90%?
it's a sad state, but most admins wouldn't use ulimit or set maxuprc to limit this..
Right, so the criticism you're really getting at here is that by default, Unix in general doesn't contain what a single user can do in terms of chewing up system resources as a denial of service attack.
as Jonathon Katz mentioned, it's a balence between usability and security, but i would've thought there should have been some sane level of limit on virtual memory or similar for the zone upon initial creation..
Why? So that when someone runs a serious job in one and discovers that it is limited to 64MB and dies they need to reconfigure the zone? Any arbitrary limit that could be chosen would be bad, by default, for someone. The current situation, with zones and resources, is no worse than today for environments without zones, however, if you use resource pools with zones, it can be much much better. Darren
Current thread:
- Solaris 10 Containers / Zones Security Flaw jim allan (Apr 01)
- Re: Solaris 10 Containers / Zones Security Flaw Robert Escue (Apr 02)
- Re: Solaris 10 Containers / Zones Security Flaw Jonathan Katz (Apr 02)
- <Possible follow-ups>
- Re: Solaris 10 Containers / Zones Security Flaw jim allan (Apr 04)
- Re: Solaris 10 Containers / Zones Security Flaw Darren Reed (Apr 04)