Date: Thu, 18 Mar 1999 03:01:16 +0900 From: "Daniel C. Sobral" <dcs@newsguy.com> To: Jay Tribick <netadmin@fastnet.co.uk> Cc: Dmitry Valdov <dv@dv.ru>, freebsd-current@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: disk quota overriding Message-ID: <36EFEDEC.D11C7599@newsguy.com> References: <Pine.BSF.3.95q.990317143707.15120A-100000@xkis.kis.ru> <19990317114932.Z21466@bofh.fastnet.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Jay Tribick wrote:
>
> > There is a way to overflow / filesystem even is quota is enabled.
> >
> > Just make many hard links (for example /bin/sh) to /tmp/
> >
> > for ($q=0;$q<100000;$q++){
> > system ("ln /bin/sh /tmp/ln$q");
> > }
> >
> > Because /tmp directory usually owned by root that why quotas has no effect.
> > *Directory* size of /tmp can be grown up to available space on / filesystem.
> >
> > Any way to fix it?
>
> Haven't tested this, but are you sure it fills the filesystem up -
> all a hard link is, is a file with the same inode as the
> original file (correct me if I'm wrong) - therefore it
> doesn't actually use any space other than that required
> to store the file entry.
You missed the dirty trick... :-) It's the size of +/tmp+ that fills
/. The *directory* size. Because it has to *store* all these
links...
--
Daniel C. Sobral (8-DCS)
dcs@newsguy.com
dcs@freebsd.org
"What happened?"
"It moved, sir!"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36EFEDEC.D11C7599>