On Fri, 2010-11-19 at 18:22 -0500, Ted Ts'o wrote:
> On Fri, Nov 19, 2010 at 02:54:42PM -0800, Andrew Morton wrote:
> >
> > Dirtying all that memory at mlock() time is pretty obnoxious.
> > ...
> > So all that leaves me thinking that we merge your patches as-is. Then
> > work out why users can fairly trivially use mlock to hang the kernel on
> > ext2 and ext3 (and others?)
>
> So at least on RHEL 4 and 5 systems, pam_limits was configured so that
> unprivileged processes could only mlock() at most 16k. This was
> deemed enough so that programs could protect crypto keys. The
> thinking when we added the mlock() ulimit setting was that
> unprivileged users could very easily make a nuisance of themselves,
> and grab way too much system resources, by using mlock() in obnoxious
> ways.
>
> I was just checking to see if my memory was correct, and to my
> surprise, I've just found that Ubuntu deliberately sets the memlock
> ulimit to be unlimited. Which means that Ubuntu systems are
> completely wide open for this particular DOS attack. So if you
> administer an Ubuntu-based server, it might be a good idea to make a
> tiny little change to /etc/security/limits.conf....
>
> - Ted

Kees,

Copying you into this thread, in case you'd like to respond from the Ubuntu side.

Thanks for the heads-up, Ted.

--
:-Dustin

Dustin Kirkland
Canonical, LTD
kirkland@xxxxxxxxxxxxx
GPG: 1024D/83A61194
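An added example, not part of the thread: a small audit of limits.conf-style text that flags memlock entries leaving locked memory unlimited or above a threshold. The function names `audit_memlock` and `sample_limits` are hypothetical, the sample entries are constructed, and the 16 KB threshold is simply the figure Ted mentions for RHEL 4 and 5.

```shell
#!/bin/sh
# Added example: flag memlock entries in limits.conf-style text that leave
# locked memory unlimited or above a threshold (values are in KB, and
# "unlimited", "infinity" and "-1" all mean no limit, per limits.conf(5)).

# audit_memlock MAX_KB [FILE...]: reads stdin when no FILE is given.
# Prints one line per finding: "<domain> <type> <value>".
audit_memlock() {
    max_kb=$1; shift
    awk -v max="$max_kb" '
        { sub(/#.*/, "") }                 # strip comments
        NF < 4 || $3 != "memlock" { next } # only complete memlock entries
        $1 == "root" { next }              # assumption: root entries are out of scope
        {
            v = $4
            if (v == "unlimited" || v == "infinity" || v == "-1" || v + 0 > max)
                print $1, $2, v
        }
    ' "$@"
}

# Constructed sample input, not taken from any real distribution.
sample_limits() {
    cat <<'EOF'
# <domain> <type> <item> <value>
*        soft  memlock  16
*        hard  memlock  unlimited
@audio   -     memlock  65536   # realtime audio group
root     -     memlock  unlimited
alice    hard  nofile   4096
EOF
}

sample_limits | audit_memlock 16
```

On a real host, pass the files pam_limits reads, for example `audit_memlock 16 /etc/security/limits.conf /etc/security/limits.d/*.conf`. The limit actually in effect for a session can be checked with `ulimit -l` in bash.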