| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 8 Aug 2013 20:50:26 -0400 From: Tejun Heo <tj@...nel.org> To: Michal Hocko <mhocko@...e.cz> Cc: "Kirill A. Shutemov" <kirill@...temov.name>, linux-mm@...ck.org, linux-kernel@...r.kernel.org, cgroups@...r.kernel.org, Johannes Weiner <hannes@...xchg.org>, KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>, Andrew Morton <akpm@...ux-foundation.org>, Anton Vorontsov <anton.vorontsov@...aro.org> Subject: Re: [PATCH 1/3] memcg: limit the number of thresholds per-memcg Hello, On Thu, Aug 08, 2013 at 04:43:51PM +0200, Michal Hocko wrote: > > Is it correct that you fix one local DoS by introducing a new one? > > With the page the !priv user can block root from registering a threshold. > > Is it really the way we want to fix it? > > OK, I will think about it some more. The only thing the patch does is replacing implicit global resource limit with an explicit one. Whether that's useful or not, I don't know, but it doesn't really change the nature of the problem or actually fix anything. The only way to fix it is rewriting the whole thing so that allocations are broken up per source, which I don't think is a good idea at this point. I'd just add a comment noting why it's broken. Given that delegating to !priv users is horribly broken anyway, I don't think this worsens the situation by too much anyway. Thanks. -- tejun -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists