Re: [RFC v1 00/14] Bus1 Kernel Message Bus

From: David Herrmann
Date: Wed Nov 02 2016 - 10:45:16 EST


On Thu, Oct 27, 2016 at 2:45 AM, Kirill A. Shutemov
<kirill@xxxxxxxxxxxxx> wrote:
> On Wed, Oct 26, 2016 at 10:34:30PM +0200, David Herrmann wrote:
>> Long story short: We have uid<->uid quotas so far, which prevent DoS
>> attacks, unless you get access to a ridiculous amount of local UIDs.
>> Details on which resources are accounted can be found in the wiki [1].
> Does only root user_ns uid count as separate or per-ns too?
> In first case we will have vitually unbounded access to UIDs.
> The second case can cap number of user namespaces a user can create while
> using bus1 inside.
> Or am I missing something?

We use the exact same mechanism as "struct user_struct" (as defined in
linux/sched.h). One instance corresponds to each kuid_t currently in
use. This is analogous to task, epoll, inotify, fanotify, mqueue,
pipes, keys, ... resource accounting.

Could you elaborate on what problem you see?