[clue-tech] Filesystem quotas circumvented

Keith Hellman khellman at mcprogramming.com
Wed Jan 19 07:02:10 MST 2005


On Tue, Jan 18, 2005 at 05:09:09PM -0700, Keith Hellman wrote:
> But, the process *writing* into ~/lsr has an effective user id of root
> (it is the sudo binary). My guess is that it is the process uid & gid
> that quota is considering, not the file owner's (angelo's) quota limits.

Just for clarity (and without, again, *any* knowledge of quota
internals), I think I'm wrong above.  It seems more 'the unix way' that
a privileged process is never quota-impaired (after all root should
know what he/she is doing).  Suppose the command was actually
  [angelo]$ su fred -c "yes" > ~/angelos_home_file
I doubt that the kernel would actually begin using fred's quota
parameters; quota parameters seem most appropriately stuck to the file
itself.  In the case that a privileged process is writing, those
parameters are simply ignored.

Does anyone (Angelo?) have the inclination to test this quickly?  I'd be
curious about the results but don't have the time to set up (aka learn)
quota.  Specifically the question would be:

  Does the operation
    [angelo]$ su fred -c "yes" > ~/angelos_home_file
  follow fred's quota restrictions, angelo's quota restrictions, or no
  quota restrictions?

Just another random thought.
 


-- 
Keith Hellman                             #include <disclaimer.h>
khellman at mcprogramming.com                from disclaimer import standard
public key @ www.mcprogramming.com

"Every man knows he is a sissy compared to Johnny Cash."

-- Bono (U2)