[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
L4-Hurd; denial of service in the memory architecture
From: |
Christopher Nelson |
Subject: |
L4-Hurd; denial of service in the memory architecture |
Date: |
Mon, 19 Jan 2004 15:07:49 -0700 |
Vmm.tex, lines 400-411:
\paragraph{Creating Containers}
A container may be created using:
\begin{code}
error\_t pm\_container\_create (out container\_t container)
\end{code}
A container\_t is, for all intents and purposes, a hurd\_cap\_t. If a
container is shared with another task, the second task may allocate
frames which count against the container's owner's total allocated
pages. This must be used with care.
---------
This sounds like a denial of service attack waiting to happen. There
should be a way to forbid another task from using this capability
against the owner. Has more thought been given to this scenario yet?
- L4-Hurd; denial of service in the memory architecture,
Christopher Nelson <=