From owner-freebsd-hackers Mon Mar 20 20:58:18 1995
Return-Path: hackers-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id UAA07516 for hackers-outgoing; Mon, 20 Mar 1995 20:58:18 -0800
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.34]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id UAA07508 for ; Mon, 20 Mar 1995 20:57:53 -0800
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id OAA04361; Tue, 21 Mar 1995 14:57:17 +1000
Date: Tue, 21 Mar 1995 14:57:17 +1000
From: Bruce Evans
Message-Id: <199503210457.OAA04361@godzilla.zeta.org.au>
To: hackers@FreeBSD.org, jbeukema@hk.super.net
Subject: Re: Denial of resource attacks
Sender: hackers-owner@FreeBSD.org
Precedence: bulk

>Well, surprise, rm -r fails when the maximum path length is exceeded. I
>was forced to write another shell script to step down the chain to the end
>and then remove the directories one by one. Time down 1 1/2 hours (am not
>very good at shell programming). Another rm (gnu) might have worked.

It's easy for rm to recurse and chdir down the tree itself. This is
probably the fastest way to do it anyway. One problem is that it may be
hard to chdir back up the tree. (Damaged) subdirectories may be missing
their ".." entry. Parent directories may have been renamed.

I thought the FreeBSD rm did chdir down the tree. It uses fts. fts
chdir's down the tree unless the FTS_NOCHDIR flag is set. rm always
sets this flag!

>Questions:
>1. Is there any other way to protect against this type of attack than
>quotas?

No.

>2. Do quotas work well?

Don't know.

>3. Might it be a good idea to limit the creation of sub-directories
>when the max path length will be exceeded, so that rm -r will
>continue to work?

No. rm should be fixed. It may take a long time to remove deeply
nested directories, but it will take a long time to create them too, and
wasting resources for this is no worse than wasting resources for creating
and deleting files.

Bruce
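
The chdir-down removal described in the reply, as an added example in C (not part of the original message and not FreeBSD's rm or fts code). `enter` and `empty_cwd` are hypothetical names; the code assumes no other process renames directories inside the tree while it runs, and it returns an error instead of guessing when ".." cannot be followed.

```c
#define _XOPEN_SOURCE 700   /* exposes fchdir, O_DIRECTORY, O_NOFOLLOW */
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* chdir into one component, refusing symlinks (no lstat-then-chdir race). */
static int enter(const char *name)
{
    int fd = open(name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    int r = fd < 0 ? -1 : fchdir(fd);
    if (fd >= 0)
        close(fd);
    return r;
}

/* Hypothetical helper: delete everything below the current directory, one path
 * component per syscall. Assumes nobody else renames directories in the tree. */
int empty_cwd(void)
{
    struct stat top, now;
    long depth = 0;
    if (stat(".", &top) != 0)
        return -1;
    for (;;) {
        DIR *d = opendir(".");
        struct dirent *e;
        int down = 0;                   /* 1 = entered a child, -1 = error */
        if (d == NULL)
            return -1;
        while (down == 0 && (errno = 0, e = readdir(d)) != NULL) {
            const char *n = e->d_name;
            if (strcmp(n, ".") == 0 || strcmp(n, "..") == 0)
                continue;
            if (rmdir(n) == 0 || (errno == ENOTDIR && unlink(n) == 0))
                continue;               /* empty directory, file or symlink */
            down = ((errno == ENOTEMPTY || errno == EEXIST) && enter(n) == 0) ? 1 : -1;
        }
        if (down == 0 && (errno != 0 || (depth > 0 && chdir("..") != 0)))
            down = -1;                  /* readdir failed or ".." is unusable */
        closedir(d);
        if (down < 0 || (down == 0 && depth == 0))  /* error, or top level is empty */
            return (down == 0 && stat(".", &now) == 0 && now.st_dev == top.st_dev &&
                    now.st_ino == top.st_ino) ? 0 : -1;
        depth += down ? 1 : -1;         /* one level down, or back up after emptying */
    }
}
```

Because no syscall ever sees more than one component, the total depth of the tree never meets the maximum path length; the price is that an emptied level is removed only after stepping back up and rescanning its parent.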