| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 10 Feb 2007 09:46:28 +0100 From: Miklos Szeredi <miklos@...redi.hu> To: rsc@...ch.com CC: akpm@...ux-foundation.org, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] fix quadratic behavior of shrink_dcache_parent() > > "The file system mounted on /tmp/z in the example contains 2^50 > > directories". heh. > > > > I do wonder how realistic this problem is in real life. > > That's a fair concern, although I was trying this as part > of evaluating how much someone could hose a system > if we let them mount arbitrary FUSE servers. And the > answer is: they could make it completely unusable, > requiring reboot. > > I ran a later test that printed how deep it got into > the file tree and it was only a few hundred thousand > if I recall correctly. A determined attacker might even > manage to do this in a normal file system. Unfortunately this patch doesn't completely solve this problem, since the system will still be hosed due to all memory being used up by dentries. And I bet the OOM killer won't find the real target (du) but will kill anything before that. So the second part of the problem is to somehow limit the number of dentries used. Not easy... Miklos - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists