mount --bind accounting

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Michael Rothwell: "Re: keyboard hook?"
• Previous message: Maciej W. Rozycki: "Re: APIC problem or 3com 3c590 driver problem in smp kernel 2.4.x"
• Next in thread: Alexander Viro: "Re: mount --bind accounting"
• Reply: Alexander Viro: "Re: mount --bind accounting"
• Reply: Andries.Brouwer@cwi.nl: "Re: mount --bind accounting"
• Reply: Stephen C. Tweedie: "Re: mount --bind accounting"

Last year I added the comment
/* No capabilities? What if users do thousands of these? */
in super.c for "mount --bind".
Now that I do some polishing there I noticed the comment again.

Each bind does an alloc_vfsmnt() and hence takes some kernel memory.
Any user can therefore take all kernel memory, until
kmalloc(sizeof(struct vfsmount), GFP_KERNEL)
fails. Bad security.
I suppose something needs to be done about that.

Invent an arbitrary limit
#define MAX_NUMBER_OF_USER_BINDS 666
and refuse the "mount --bind" when inspection of the mnt_owner fields
of the entries in the vfsmntlist shows that this user already has
too many mounts?

Andries
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Michael Rothwell: "Re: keyboard hook?"
• Previous message: Maciej W. Rozycki: "Re: APIC problem or 3com 3c590 driver problem in smp kernel 2.4.x"
• Next in thread: Alexander Viro: "Re: mount --bind accounting"
• Reply: Alexander Viro: "Re: mount --bind accounting"
• Reply: Andries.Brouwer@cwi.nl: "Re: mount --bind accounting"
• Reply: Stephen C. Tweedie: "Re: mount --bind accounting"