Bogdan Costescu wrote:
>
> On Fri, 1 Jun 2001, Pete Zaitcev wrote:
>
> > > But, each time a user cats this proc file, the user is banging the
> > > hardware. What happens when a malicious user forks off 100 processes to
> > > continually cat this file? :)
> >
> > Nothing good, probably. Same story as /proc/apm, which only
> > hits BIOS instead (and it's debateable what is better).
>
> Hmm, the MII related ioctl's in some net drivers (checked for 3c59x,
> tulip, eepro100) are also querying the hardware. And a user is allowed to
> ask for this info (but not able to modify it).
And a malicious user calling those at a high rate is bound to get ugly.
In both of these situations, calling the ioctls without priveleges is
quite useful, so maybe rate-limiting for ioctls and proc files like this
would be a good idea in general.
Jeff
-- Jeff Garzik | Disbelief, that's why you fail. Building 1024 | MandrakeSoft | - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Jun 07 2001 - 21:00:13 EST