max connections per control group (cgroup)

Lennart Poettering mzqohf at 0pointer.de
Wed Aug 13 10:06:42 PDT 2014


On Wed, 06.08.14 15:16, Alban Crequy (alban.crequy at collabora.co.uk) wrote:

> Hi,
> 
> In order to make dbus-daemon more resistant against denial-of-service issues, I
> implemented a new limit that could be added in the configuration:
>   <limit name="max_connections_per_cgroup">16</limit>

Currently there's no way to racefreely acquire the cgroup path
really. While acquiring it racefully is OK for purely informational
purposes it sounds weird actually binding policy to it...

> However, I would like feedback on whether it is a good idea or if you think of
> a better way.
> 
> dbus-daemon already has some limits on connections:
> - max_completed_connections: (default|system bus)=2048 (session bus)=100000
> - max_connections_per_user: (default|system bus)=256 (session bus)=100000
> 
> So a user on the system bus cannot use all connections and prevent other users
> from connecting to the bus.
> 
> But this per-user granularity does not allow distinguishing different services
> running as the same user. For example, both Avahi and ConsoleKit are system
> services, running as the same user root, and they connect to the system bus. If
> one of them starts to use all the available connections due to a bug, the other
> will not be able to connect.

avahi doesn't run as root. And ck is obsolete. But I get your point...

Lennart

-- 
Lennart Poettering, Red Hat
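
Added illustration, not dbus-daemon code and not the patch discussed in this thread: per-cgroup connection accounting against the proposed limit of 16, keyed on a path parsed from `/proc/<pid>/cgroup` text. The function names, the table size and the sample cgroup paths are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define MAX_PER_CGROUP 16   /* value from the proposed <limit> */
#define MAX_GROUPS 64       /* hypothetical table size */
static struct { char path[256]; int conns; } table[MAX_GROUPS];

/* Copy the path for `ctrl` out of /proc/<pid>/cgroup text, whose lines are
 * "id:controllers:path"; the controllers field must equal `ctrl` exactly.
 * Returns 0 on success, -1 if the entry is absent, empty or too long. */
int cgroup_path(const char *text, const char *ctrl, char *out, size_t n)
{
    size_t clen = strlen(ctrl);
    for (const char *line = text; *line; ) {
        const char *nl = strchr(line, '\n'), *eol = nl ? nl : line + strlen(line);
        const char *c1 = memchr(line, ':', (size_t)(eol - line));
        const char *c2 = c1 ? memchr(c1 + 1, ':', (size_t)(eol - c1 - 1)) : NULL;
        if (c2 && (size_t)(c2 - c1 - 1) == clen && !memcmp(c1 + 1, ctrl, clen)) {
            size_t plen = (size_t)(eol - c2 - 1);
            if (plen == 0 || plen >= n) return -1;
            snprintf(out, n, "%.*s", (int)plen, c2 + 1);
            return 0;
        }
        line = *eol ? eol + 1 : eol;
    }
    return -1;
}

/* Count one new connection for `path`: 0 = admitted, -1 = over the limit.
 * The key is only as good as the lookup behind it: a peer can exit or change
 * cgroup between its pid being learned and /proc/<pid>/cgroup being read. */
int cgroup_admit(const char *path)
{
    int slot = -1;
    for (int i = 0; i < MAX_GROUPS; i++) {
        if (table[i].conns && !strcmp(table[i].path, path))
            return table[i].conns < MAX_PER_CGROUP ? (table[i].conns++, 0) : -1;
        if (!table[i].conns && slot < 0) slot = i;
    }
    if (slot < 0 || strlen(path) >= sizeof table[slot].path) return -1;
    strcpy(table[slot].path, path);
    table[slot].conns = 1;
    return 0;
}

int main(void)
{
    const char *s = "2:cpu:/\n1:name=systemd:/system.slice/a.service\n"; /* constructed */
    char p[256];
    if (cgroup_path(s, "name=systemd", p, sizeof p)) return 1;
    for (int i = 0; i < 17; i++) printf("%s #%d -> %d\n", p, i + 1, cgroup_admit(p));
    return 0;
}
```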