Re: How to take down a system to the point of requiring a newfs with one line of C (userland)



On Mon, Feb 18, 2008 at 09:14:30AM -0600, Daniel Corrigan wrote:
Since this was released to a public mailing list, I can only assume
some less than nice user will attempt this. The only top level file
system I have that can be written to by normal users is /tmp

Should clear_tmp_enable="YES" in /etc/rc.conf prevent this from
causing harm?

Probably not. But an inode quota might, if your users can deal with
having less than 10000 inodes - (what is supposed to be in the root of
such file systems). It would at least make it more difficult for one
rogue user to hurt you.

Perhaps an /usr/local/etc/rc.d script could look for problems such as
this in the stop process. Or one could simply remount the /tmp disk to
/data and make a symlink from /tmp to /data/tmp.

It seems like there should be several possible workarounds.

--
Scott Lambert KC5MLE Unix SysAdmin
lambert@xxxxxxxxxxxxxx

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"