Date: Thu, 18 Mar 1999 04:00:28 +0100 From: Rico Pajarola <pajarola@cybertime.ch> To: security@FreeBSD.ORG Cc: Dmitry Valdov <dv@dv.ru> Subject: Re: disk quota overriding Message-ID: <3.0.32.19990318034657.00a1f100@shrike.overmind.ch>
next in thread | raw e-mail | index | archive | help
That's just another symptom of the hardlink-to-files-you-dont-own problem.
It allows you to create files (or at least directory entries for files) you
don't own. I'd really like to have a mount-option (or maybe a sysctl) to
prevent that behaviour (allow hardlinks only if you could write to the file).
I use hardlinks very often, but I never had a case where someone should
have been able to hardlink to a file he didn't own AND a symlink wasn't
good enough (for whatever reason). I extensively use hardlinks (diskless
workstations) so I wouldn't like to see them go completely, but I always
thought it was impossible to hardlink to files you can't write to, until I
tried it myself after the recent discussion. It allows you to create
directory entries for files you couldn't have created yourself, which is
somehow strange.
I very often have home on /usr, because usually that's the place where all
the excess disk space goes (on machines with shell users I always made them
a separate partition, thank god, but only because I don't completely trust
quotas, and I don't want to give my users even the slightest chance to
overflow /usr). On all other partitions, they're not allowed to do anything.
Besides, I consider /tmp on / filesystem a bad thing anyway (I like the
idea of a ro / filesystem where only root can write to, and also only 'by
hand'). If I don't have enough disk space to make it an own partition, I
link it to /usr/root-tmp or something like that.
Rico
>Hi!
>
>There is a way to overflow / filesystem even is quota is enabled.
>
>Just make many hard links (for example /bin/sh) to /tmp/
>
>for ($q=0;$q<100000;$q++){
>system ("ln /bin/sh /tmp/ln$q");
>}
>
>Because /tmp directory usually owned by root that why quotas has no effect.
>*Directory* size of /tmp can be grown up to available space on / filesystem.
>
>Any way to fix it?
>
>Dmitry.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.19990318034657.00a1f100>