From owner-freebsd-hackers  Mon Mar 20 20:05:17 1995
Return-Path: hackers-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id UAA06277 for hackers-outgoing; Mon, 20 Mar 1995 20:05:17 -0800
Received: from is1.hk.super.net (jbeukema@is1.hk.super.net [202.14.67.232]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id UAA06270 for <hackers@freebsd.org>; Mon, 20 Mar 1995 20:05:12 -0800
Received: by is1.hk.super.net id AA17298
  (5.67b/IDA-1.5 for hackers@freebsd.org); Tue, 21 Mar 1995 12:05:02 +0800
Date: Tue, 21 Mar 1995 12:05:02 +0800 (HKT)
From: John Beukema <jbeukema@hk.super.net>
To: hackers@FreeBSD.org
Subject: Denial of resource attacks
Message-Id: <Pine.SUN.3.91.950321114636.10870E-100000@is1.hk.super.net>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: hackers-owner@FreeBSD.org
Precedence: bulk


I was testing FreeBSD 2.0R with a shell which generated endless sub 
directories. The kernel does not have disk quota option compiled.  

Not unexpectedly, the user process generated 5306 subdrectories and 
started looping on file system full messages.  No panic, crash or lock up 
-- so far, so good.  No problem, kill the shell and rm -r the directory, 
right? 

Well, surprise, rm -r fails when the maximum path length is exceeded.  I
was forced to write another shell script to step down the chain to the end
and then remove the directories one by one.  Time down 1 1/2 hours (am not
very good at shell programing). 

Questions: 

1. Is there any other way to protect against this type of attack than 
quotas?

2. Do quotas work well?

3. Might it be a good idea to limit the creation of sub-directories 
when the max path length will be exceeded, so that rm -r will 
continue to work?     

jbeukema