[Meego-security-discussion] Quota support
casey.schaufler at nokia.com
casey.schaufler at nokia.com
Wed Apr 20 09:41:28 PDT 2011
> ________________________________________
> From: meego-security-discussion-bounces at lists.meego.com [meego-security-discussion-bounces at lists.meego.com] on behalf of ext Rolf Offermanns [roffermanns at sysgo.com]
> Sent: Wednesday, April 20, 2011 4:28 AM
> To: meego-security-discussion at lists.meego.com
> Subject: [Meego-security-discussion] Quota support
>
> Hi All,
>
> do you consider quota support to be part of MeeGos security discussion?
Woof. Security people generally consider quotas part of resource management.
If you allow for what quotas are supposed to achieve in your security model you
are well down a road that leads to requirements around protection from denial
of service issues. I don't have a model for a solution (yet) for denial of service
issues, and I don't know anyone who does.
> If not, how will you keep applications from filling up the filesystem?
Look up "Parkinson's Law". Weep.
> Having a separate filesystem for application storage will help, but
> there will still be a problem with different applications competing for
> disk space.
Can't be helped. No one has ever written a polite application regarding
disk usage. Applications are like seagulls, scanning for free disk blocks
and chanting "Mine! Mine!".
> I just discovered that BTRFS has no support for quota currently, so that
> may be another thing to keep in mind.
Hum. Sounds like a project.
> -Rolf
More information about the MeeGo-security-discussion
mailing list