[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: L4-Hurd; denial of service in the memory architecture
|
From: |
Marcus Brinkmann |
|
Subject: |
Re: L4-Hurd; denial of service in the memory architecture |
|
Date: |
Mon, 19 Jan 2004 23:24:04 +0100 |
|
User-agent: |
Mutt/1.5.4i |
On Mon, Jan 19, 2004 at 03:07:49PM -0700, Christopher Nelson wrote:
> A container\_t is, for all intents and purposes, a hurd\_cap\_t. If a
> container is shared with another task, the second task may allocate
> frames which count against the container's owner's total allocated
> pages. This must be used with care.
> ---------
> This sounds like a denial of service attack waiting to happen. There
> should be a way to forbid another task from using this capability
> against the owner. Has more thought been given to this scenario yet?
The whole purpose of capabilities is to restrict who has access to an
object. The comment is rather meant to illustrate what the cap represents.
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' GNU http://www.gnu.org address@hidden
Marcus Brinkmann The Hurd http://www.gnu.org/software/hurd/
address@hidden
http://www.marcus-brinkmann.de/