lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 19 Nov 2010 18:29:49 -0600
From:	Dustin Kirkland <kirkland@...onical.com>
To:	Ted Ts'o <tytso@....edu>, "kees.cook" <kees.cook@...onical.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Michel Lespinasse <walken@...gle.com>,
	Hugh Dickins <hughd@...gle.com>,
	Christoph Hellwig <hch@...radead.org>,
	Dave Chinner <david@...morbit.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Nick Piggin <npiggin@...nel.dk>, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org, Rik van Riel <riel@...hat.com>,
	Kosaki Motohiro <kosaki.motohiro@...fujitsu.com>,
	Theodore Tso <tytso@...gle.com>,
	Michael Rubin <mrubin@...gle.com>,
	Suleiman Souhlal <suleiman@...gle.com>
Subject: Re: [PATCH 3/3] mlock: avoid dirtying pages and triggering
 writeback

On Fri, 2010-11-19 at 18:22 -0500, Ted Ts'o wrote:
> On Fri, Nov 19, 2010 at 02:54:42PM -0800, Andrew Morton wrote:
> > 
> > Dirtying all that memory at mlock() time is pretty obnoxious.
> > ...
> > So all that leaves me thinking that we merge your patches as-is.  Then
> > work out why users can fairly trivially use mlock to hang the kernel on
> > ext2 and ext3 (and others?) 
> 
> So at least on RHEL 4 and 5 systems, pam_limits was configured so that
> unprivileged processes could only mlock() at most 16k.  This was
> deemed enough so that programs could protect crypto keys.  The
> thinking when we added the mlock() ulimit setting was that
> unprivileged users could very easily make a nuisance of themselves,
> and grab way too much system resources, by using mlock() in obnoxious
> ways.
> 
> I was just checking to see if my memory was correct, and to my
> surprise, I've just found that Ubuntu deliberately sets the memlock
> ulimit to be unlimited.  Which means that Ubuntu systems are
> completely wide open for this particular DOS attack.  So if you
> administer an Ubuntu-based server, it might be a good idea to make a
> tiny little change to /etc/security/limits.conf....
> 
> 							- Ted

Kees,

Copying you into this thread, in case you'd like to respond from the
Ubuntu side.  Thanks for the heads-up, Ted.

-- 
:-Dustin

Dustin Kirkland
Canonical, LTD
kirkland@...onical.com
GPG: 1024D/83A61194

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists