svn commit: r192463 - head/sys/fs/nfsserver
jmallett at FreeBSD.org
Wed May 20 21:38:37 UTC 2009
On Wed, May 20, 2009 at 2:36 PM, Rick Macklem <rmacklem at uoguelph.ca> wrote:
> On Wed, 20 May 2009, Juli Mallett wrote:
>> When client ids have been run out of, does that put something into a
>> dangerous state (insecure or crash-prone)? Isn't it better to let the
>> administrator make the decision of when to reboot the machine?
> Well, first off, this will "never" happen in practice. the clientid
> generator is a 32bit unsigned, which means it will wrap around in 13.6
> years if there is an average rate of 10 new clientids/sec. Since a new
> clientid only typically happens once per mount (some clients might even
> do less), it seems highly unlikely that an "average rate of 10/sec"
> could happen even on the busiest server with clients doing short term
> mounts. (There was talk of a client inside a web browser, but I don't
> know that it has ever been written.)
What's to prevent using this as a DoS vector? Is it really so hard to
exhaust the server of clientids, forcing a reboot / drop to debugger?
> When the 32bit # wraps around, rebooting would be the only solution,
> since re-issuing the same clientid is verboten by the RFC.
> If it was something I will see happen in my lifetime, I would be more
> concerned about it.
> The only reason I put it in is so no one can argue I can violate the RFC.
More information about the svn-src-head