On 5 Oct 2001, Eric W. Biederman wrote:
> > The MAP_DENYWRITE rule was added a long time ago because people found actual
> > workable DoS attacks
>
> Do you have any details. I would like to figure out what it takes to
> export MAP_DENYWRITE safely to userspace.
I think it literally was /var/run/[uw]tmp, and using MAP_DENYWRITE to
disable all logins.
But it pretty much covers _any_ logfiles that are readable (and thus
openable) by users.
> Currently checking to see if the file is executable looks good
> enough.
[ executable by the user in question, not just anybody ]
Yes, I suspect it is.
> The fix for bad permission (during a DOS attack) is either:
> chmod correct_permissions foo
> lsof foo | xargs kill
Well, if you cannot log in as root, it doesn't much matter what the "fix"
is, so it's better to be safe than sorry.
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Oct 07 2001 - 21:00:38 EST