On Mon, 2011-11-07 at 12:29 +0100, Lennart Poettering wrote: > On Mon, 07.11.11 02:31, Christoph Hellwig (hch@xxxxxxxxxxxxx) wrote: > > > > > On Sun, Nov 06, 2011 at 06:15:01PM -0300, Davidlohr Bueso wrote: > > > From: Davidlohr Bueso <dave@xxxxxxx> > > > > > > This patch adds a new RLIMIT_TMPFSQUOTA resource limit to restrict an individual user's quota across all mounted tmpfs filesystems. > > > It's well known that a user can easily fill up commonly used directories (like /tmp, /dev/shm) causing programs to break through DoS. > > > > Please jyst implement the normal user/group quota interfaces we use for other > > filesystem. > > Please don't. > > tmpfs by its very nature is volatile, which means that we'd have to > upload the quota data explicitly each time we mount a tmpfs, which means > we'd have to add quite some userspace infrastructure to make tmpfs work > with quota. Either every time a tmpfs is mounted we'd have to apply a > quota for every configured user and every future user to it (which is > simply not realistic) or on every user logging in we'd have to go > through all tmpfs mount points and apply a user-specific quota setting > to it -- which isn't much less ugly and complex. Just using a > user-specific RLIMIT is much much simpler and beautiful there, and > requires almost no changes to userspace. > > On top of that I think a global quota over all tmpfs is actually > preferable than a per-tmpfs quota, because what you want to enforce is > that clients cannot drain the pool that tmpfs is backed from but how > they distribute their share of that pool on the various tmpfs mounted > doesn't really matter in order to avoid DoS vulnerabilities. Right, rlimit approach guarantees a simple way of dealing with users across all tmpfs instances. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>