Date: Thu, 18 Mar 1999 09:23:43 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> To: Andrew McNaughton <andrew@squiz.co.nz> Cc: "Daniel C. Sobral" <dcs@newsguy.com>, Dmitry Valdov <dv@dv.ru>, freebsd-current@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: disk quota overriding Message-ID: <Pine.BSF.3.96.990318092103.298B-100000@fledge.watson.org> In-Reply-To: <199903181243.BAA22599@aniwa.sky>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 19 Mar 1999, Andrew McNaughton wrote: > > Dmitry Valdov wrote: > > > I think that there is only one way to fix it - it's to disable making > > > *hard*links to directory with mode 1777. > > I don't use quotas, and don't know a great deal about how they operate, > but I think there's another disk filling DOS involving hard links > lurking which the above measure would also solve. > > If a user starts making hard links to (large and growing) log files, > with the new links being placed in /var/mail, then presumably those log > files will not be deleted correctly as they are rolled over, and will > quickly accumulate. > > This could not bring down a system as rapidly as growing the publicly > writable directory with lots of links, but it is not desirable system > behaviour. So, yet another risk associated with allowing hard links :-). Again, presumably the answer here is either a) restrict the creation of hard links, and b) make sure that users never have write access to any partition you don't want them to have the ability to preserve files on. The linking behavior in conjunction with quotas makes a lot of sense: if a user wants to consume someone else's quota, she just hard links to their files so they cannot delete them. And if she are mean, she links to them in private directories so the victim cannot find the links. Even if the user truncates the file, the inode is still consumed in their name. Robert N Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: 03 01 DD 8E 15 67 48 73 25 6D 10 FC EC 68 C1 1C Carnegie Mellon University http://www.cmu.edu/ TIS Labs at Network Associates, Inc. http://www.tis.com/ Safeport Network Services http://www.safeport.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990318092103.298B-100000>