Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 21 Mar 1995 12:05:02 +0800 (HKT)
From:      John Beukema <jbeukema@hk.super.net>
To:        hackers@FreeBSD.org
Subject:   Denial of resource attacks
Message-ID:  <Pine.SUN.3.91.950321114636.10870E-100000@is1.hk.super.net>

next in thread | raw e-mail | index | archive | help

I was testing FreeBSD 2.0R with a shell which generated endless sub 
directories. The kernel does not have disk quota option compiled.  

Not unexpectedly, the user process generated 5306 subdrectories and 
started looping on file system full messages.  No panic, crash or lock up 
-- so far, so good.  No problem, kill the shell and rm -r the directory, 
right? 

Well, surprise, rm -r fails when the maximum path length is exceeded.  I
was forced to write another shell script to step down the chain to the end
and then remove the directories one by one.  Time down 1 1/2 hours (am not
very good at shell programing). 

Questions: 

1. Is there any other way to protect against this type of attack than 
quotas?

2. Do quotas work well?

3. Might it be a good idea to limit the creation of sub-directories 
when the max path length will be exceeded, so that rm -r will 
continue to work?     

jbeukema



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SUN.3.91.950321114636.10870E-100000>