Date: Tue, 21 Mar 1995 12:05:02 +0800 (HKT) From: John Beukema <jbeukema@hk.super.net> To: hackers@FreeBSD.org Subject: Denial of resource attacks Message-ID: <Pine.SUN.3.91.950321114636.10870E-100000@is1.hk.super.net>
next in thread | raw e-mail | index | archive | help
I was testing FreeBSD 2.0R with a shell which generated endless sub directories. The kernel does not have disk quota option compiled. Not unexpectedly, the user process generated 5306 subdrectories and started looping on file system full messages. No panic, crash or lock up -- so far, so good. No problem, kill the shell and rm -r the directory, right? Well, surprise, rm -r fails when the maximum path length is exceeded. I was forced to write another shell script to step down the chain to the end and then remove the directories one by one. Time down 1 1/2 hours (am not very good at shell programing). Questions: 1. Is there any other way to protect against this type of attack than quotas? 2. Do quotas work well? 3. Might it be a good idea to limit the creation of sub-directories when the max path length will be exceeded, so that rm -r will continue to work? jbeukema
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SUN.3.91.950321114636.10870E-100000>