Re: Can't hardlink in different dirs. (BUG#826)

Alexander Viro (viro@math.psu.edu)
Fri, 3 Dec 1999 17:48:07 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andrei Pitis: "Re: Toshiba Satellite 2595XDVD"
Previous message: Andrea Arcangeli: "Re: Can't hardlink in different dirs. (BUG#826)"

On Fri, 3 Dec 1999, Andrea Arcangeli wrote:

> On Fri, 3 Dec 1999, Alexander Viro wrote:
>
> >... and F- on UNIX SA 101 - if you don't know the reasons to keep /tmp on
> >a separate filesystem.
>
> Would you call this a solution? This is a very ugly workaround. The fact
> this works is only a side effect of the limitations of the hardlink.

No, Andrea. There are _other_ good reasons for that. E.g. lusers being
able to fill the root filesystem - _not_ a thing you really want.

> So another solution is to take your data in a separated filesystem mounted
> in /home/alexander so nobody will be able to do hardlinks across a
> filesystem.
>
> I don't buy this point, sorry. With a 500giga filesystem it make no sense
> to make a partition for /tmp and I _want_ to be able to create hardlinks
> all over the place exactly because they are useful. So the less filesystem
> there are, the better will be for the hardlink case.

Quota has filesystem granularity. Can't be done in a different way. So
"one filesystem for everything" is idiocy, and size of harddisk _never_
helps. Ever seen NetRape caches? Could you spell "95% of /tmp filled with
pr0n and warez"? Thought so. Ever seen an effect of mailbomb (or just a
result of one luser sending CD to all department, in 20K chunks)? Ever
seen a result of _huge_ netnews turdlet (local, sent on Friday evening,
several dozens of CD _boxes_ with games)? Ever seen results of 50-60 Jabba
duhvelopers keeping hundreds of NetRape coredumps? Give me a break...

> >As for "kill his tasks" - great, is that what you do when you decide to rm
> >something? I like that policy, but it may be a bit of, erm, overkill.
>
> I don't like it either, but you should see it as a very seldom thing. I
> just assume we need a level of security that will allow an admin to
> trivially catch very silly guys and that avoids to mess up the fs.

Even the dumbest script kiddies usually can run a downloaded binary.

> >Besides, why on the Earth do you have finite quota for _root_, in the
> >first place? It's an instant fsckup(tm) waiting to happen. Sheesh...
>
> /tmp is owned by root but the quota is increased in the owner of the inode
> that is trashing metadata away in /tmp.
>
> NOTE: I can as well ignore this thread as I don't need this feature for
> myself and if nobody needs this kind of basic security either, than this
> is wasted time.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrei Pitis: "Re: Toshiba Satellite 2595XDVD"
Previous message: Andrea Arcangeli: "Re: Can't hardlink in different dirs. (BUG#826)"