Nagaraj wrote:
>
> > You have a nice big smoking crater in the landscape. Kernel
> > code is carefully written to avoid deep call nesting.
>
> Hmmm, I had thought of this.
>
> But consider this:
> Suppose I'm traversing the symlinks.
> There could be thousands of nested links (in my dreamland).
> (I'm not telling about self loops, which could be detected,
> but actual nested links.)
> Then the system may go into a spin loop.

Nope. There's a hardcoded limit on the number of symlinks that can be
traversed on any path (I believe - based on seeing the message "too many
levels of symbolic links" from bash on occasion).

> What I'm trying to point out is that this could be a loophole for
> a dirty user (like me!).
> What I would do is create 1000 symlinks in my program.
> (This isn't a dream!) And use "symlinks" for resolving it, or write my
> own recursive symlink extraction program. That's it. I'm a normal user
> and able to crash the server!

No, you could not crash the kernel this way. Your userland program would
be the one traversing the symlinks, in -user space-. Each call into the
kernel would traverse one link, sure, but that's certainly not going to be
a problem for the kernel.

I also suspect (though I do not know this for certain) that the kernel is
smart enough to detect kernel-stack overflow and kill the offending
process. It would be trivial: just keep a read-only PTE at the end of the
kernel stack, and if anything tries to write there, take a page fault,
notice that it's adjacent to the task stack, and kill the process.

Cheers,

--
Joe

"I'd rather chew my leg off than maintain Java code, which sucks, 'cause
I have a lot of Java code to maintain and the leg surgery is starting to
get expensive." - Me

--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
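An added example, not from the thread above and not Joe's or Nagaraj's code, that reproduces both halves of the exchange on a real filesystem. It builds a chain of N relative symlinks in a fresh temporary directory (a constructed fixture; it assumes a writable TMPDIR or /tmp), then resolves the head of the chain two ways: once by handing the whole path to the kernel in a single stat(), and once with a userland loop that follows one readlink() per hop and enforces its own depth cap. With 5 links both succeed; with 1000 links the kernel gives up with ELOOP, whose strerror text on Linux is exactly "Too many levels of symbolic links" (the kernel's per-lookup budget is MAXSYMLINKS, 40, in include/linux/namei.h), while the userland loop walks all 1000 hops without the kernel ever seeing more than one link per call. The helper names (build_chain, kernel_resolve, user_resolve, demo_chain) are mine.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

#ifndef PATH_MAX
#define PATH_MAX 4096
#endif

/* Constructed fixture: link0 -> link1 -> ... -> link{n-1} -> target, all
   relative links inside `dir`. Returns 0 on success, -1 (errno set) on failure. */
static int build_chain(const char *dir, int n)
{
    char path[PATH_MAX], next[64];
    snprintf(path, sizeof path, "%s/target", dir);
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
    if (fd < 0) return -1;
    close(fd);
    for (int i = n - 1; i >= 0; i--) {
        snprintf(path, sizeof path, "%s/link%d", dir, i);
        if (i == n - 1) snprintf(next, sizeof next, "target");
        else snprintf(next, sizeof next, "link%d", i + 1);
        if (symlink(next, path) < 0) return -1;
    }
    return 0;
}

/* Remove the fixture again (errors ignored: best-effort cleanup). */
static void remove_chain(const char *dir, int n)
{
    char path[PATH_MAX];
    for (int i = 0; i < n; i++) {
        snprintf(path, sizeof path, "%s/link%d", dir, i);
        unlink(path);
    }
    snprintf(path, sizeof path, "%s/target", dir);
    unlink(path);
    rmdir(dir);
}

/* Let the kernel walk the whole chain inside one stat() call.
   Returns 0 if the target was reached, otherwise errno (ELOOP once the
   kernel's fixed per-lookup symlink budget is exhausted). */
static int kernel_resolve(const char *dir)
{
    char path[PATH_MAX];
    struct stat st;
    snprintf(path, sizeof path, "%s/link0", dir);
    return stat(path, &st) == 0 ? 0 : errno;
}

/* Userland resolver: one readlink() per hop, so each kernel call sees a
   single link. The hop cap is chosen here, not by the kernel.
   Returns 0 with the hop count in *hops, or an errno value. */
static int user_resolve(const char *dir, int max_hops, int *hops)
{
    char path[PATH_MAX], buf[PATH_MAX];
    snprintf(path, sizeof path, "%s/link0", dir);
    *hops = 0;
    for (;;) {
        ssize_t n = readlink(path, buf, sizeof buf - 1);
        if (n < 0) {
            if (errno == EINVAL) return 0;    /* not a symlink: final target reached */
            return errno;
        }
        buf[n] = '\0';
        if (++*hops > max_hops) return ELOOP; /* our own bound, enforced in userland */
        snprintf(path, sizeof path, "%s/%s", dir, buf); /* fixture links are relative to dir */
    }
}

/* Build an n-link chain in a fresh temp dir, run both resolvers, clean up.
   Returns the kernel's result (0 or errno); the userland result and hop count
   go to the out-params. -1 means the fixture could not be created. */
static int demo_chain(int n, int *user_err, int *user_hops)
{
    const char *base = getenv("TMPDIR");
    char tmpl[PATH_MAX];
    snprintf(tmpl, sizeof tmpl, "%s/symchainXXXXXX", base ? base : "/tmp");
    char *dir = mkdtemp(tmpl);
    if (!dir) return -1;
    if (build_chain(dir, n) < 0) { remove_chain(dir, n); return -1; }
    int kerr = kernel_resolve(dir);
    *user_err = user_resolve(dir, 10000, user_hops);
    remove_chain(dir, n);
    return kerr;
}

int main(void)
{
    int depths[] = { 5, 1000 };
    for (size_t i = 0; i < sizeof depths / sizeof depths[0]; i++) {
        int uerr, hops;
        int kerr = demo_chain(depths[i], &uerr, &hops);
        printf("%4d links: kernel stat() -> %s; userland readlink() loop -> %s after %d hops\n",
               depths[i], kerr ? strerror(kerr) : "ok", uerr ? strerror(uerr) : "ok", hops);
    }
    return 0;
}
```

The second line of output is the point of the thread: the kernel refuses the 1000-link path with ELOOP rather than recursing, and the userland loop that does follow all 1000 hops is spending its own stack and its own time, one bounded syscall at a time. If you want the userland side to misbehave, lower the max_hops argument; you get an ELOOP from your own code, still with no effect on the kernel.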