Re: [PATCH] Inode quota allocation loophole (2.4)

Jan Kara (jack@suse.cz)
Wed, 13 Jun 2001 01:00:17 +0200


Hello,

> Currently, dquot_initialize() is a no-op if the inode being initialized
> isn't a regular file, directory or symlink. This means that calling
> DQUOT_ALLOC_INODE() on a named pipe or AF_UNIX socket has no effect (the
> same applies to devices, but this is less likely to be a problem as
> random users can't create them); as a result a user can exhaust the
> filesystem's inodes even when they have a quota limit. This problem is
> exploitable in 2.2.19 and 2.4.2, and appears to be present in all kernel
> versions that I've looked at.
>
> I presume that the reason for not putting quotas on pipes and sockets is
> that it's slightly more efficient not to do so. If that's the case, then
> the simplest solution would be to remove the checks in fs/dquot.c (patch
> below for 2.4.5 - patch for 2.2 in following email). Are there any
> undesirable consequences to pipes, sockets and devices having non-NULL
> pointers in i_dquot[]?
I must admit that I don't know why we don't count quotas also for device/pipe/socket
inodes. This behaviour was there for ages :). Maybe it's time to change it.
I can't think of any problems which can be with it... Your patch seems to be fine.

Honza

--
Jan Kara <jack@suse.cz>
SuSE Labs
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/