[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: possible security flaw in screen 3.9.5-9

On Fri, Sep 08, 2000 at 10:07:37PM -0400, Matthew W Miller wrote:
> {Big Snip}
> How would a quota stop the user from stuffing /var to its limit? Isn't
> that part of the problem where the user could stuff /var and hemorrage the
> logs?

Through not allowing the user full access to the free space. Possible holes 

a. many users could accidentally or otherwise smurf the free space anyhow
b. an opportune moment may happen where the free space left on /var is less
   then the quota allows.

You could make the quota insanely small, but that may break what you're
trying to do in allowing users /var access and it feels more of a little
dutch boy solution. (picutre 5 yr old kid with finger stuffed in a hole
of a dam, trying to stop it leaking :)

> ::>more headaches for /tmp cleaners and it does not solve any of the
> ::>above problems.  to solve the above problems enforce quotas on /var
> ::>(which can be much smaller then /home quotas, say 5 or 10 MB) that is
> ::>what i do.
> ::>
> ::>-- 
> ::>Ethan Benson
> ::>http://www.alaska.net/~erbenson/

CaT (cat@zip.com.au)

	'He had position, but I was determined to score.'
		-- Worf, DS9, Season 5: 'Let He Who Is Without Sin...'

Reply to: