|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2012-12-13 15:58:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
A hash-based DOS attack on Btrfs
Pascal Junod has disclosed
a pair of denial-of-service attacks against the Btrfs filesystem based on
hash collisions. "I have created several files with random names in
a directory (around 500). The time required to remove them is
negligible. Then, I have created the same number of files, but giving them
only 55 different crc32c values. The time required to remove them is so
large that I was not able to figure it out and killed the process after 220
minutes (!)." This is a local attack only, but administrators of
Btrfs-using sites with untrusted users may want to pay attention.
Pascal Junod has disclosed
a pair of denial-of-service attacks against the Btrfs filesystem based on
hash collisions. "I have created several files with random names in
a directory (around 500). The time required to remove them is
negligible. Then, I have created the same number of files, but giving them
only 55 different crc32c values. The time required to remove them is so
large that I was not able to figure it out and killed the process after 220
minutes (!)." This is a local attack only, but administrators of
Btrfs-using sites with untrusted users may want to pay attention.
