On Sat, Sep 07, 2002 at 04:51:02AM -0600, Joseph A. Knapka wrote: > Nagaraj wrote: > > > > > No, you could not crash the kernel this way. Your > > > userland program would be the one traversing the symlinks, > > > in -user space-. Each call into the kernel would > > > traverse one link, sure, but that's certainly not > > > going to be a problem for the kernel. > > > > > > > plz have a look at: > > http://lwn.net/Articles/2995/ > > > > I think user process can still do it. > > Er... no, the article you cite says the same thing I said: > the kernel limits symlink traversals on any given path. > Any attempt by a user to exploit the recursive nature > of symlink lookups will simply fail, without damaging > the kernel in any way. First of all, path_walk is NOT RECURSIVE. So you the path you resolve can be of any length and have any number of links, but it will always require the same amount of stack space. > > > I also suspect (though I do not know this for certain) > > > that the kernel is smart enough to detect kernel-stack > > > overflow and kill the offending process. It would be > > > trivial: just keep a read-only PTE at the end of the > > > kernel stack, and if anything tries to write > > > there, take a page fault, notice that it's adjacent > > > to the task stack, and kill the process. > > > > http://van-dijk.net/linuxkernel/200206/1235.html > > By reading that, i think it wont ! ( i may be wrong here ) > > I donno abt latest kernels. > > That article doesn't seem to address this issue. It > describes a patch for configurable stack size, but does > not say anything about the means by which the kernel > handles (or fails to handle) a stack overflow. You can't recursively enter the kernel, because there are no callbacks from kernel. So being sure kernel won't nest functions too much is sufficient. ------------------------------------------------------------------------------- Jan 'Bulb' Hudec <bulb@ucw.cz> -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
