Date: Thu, 27 Oct 2016 03:45:24 +0300
From: "Kirill A. Shutemov" <kirill@shutemov.name>
To: David Herrmann <dh.herrmann@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Andy Lutomirski <luto@amacapital.net>, Jiri Kosina <jikos@kernel.org>,
        Greg KH <greg@kroah.com>, Hannes Reinecke <hare@suse.com>,
        Steven Rostedt <rostedt@goodmis.org>, Arnd Bergmann <arnd@arndb.de>,
        Tom Gundersen <teg@jklm.no>, Josh Triplett <josh@joshtriplett.org>,
        Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [RFC v1 00/14] Bus1 Kernel Message Bus
Message-ID: <20161027004524.GA4184@node>
References: <20161026191810.12275-1-dh.herrmann@gmail.com>
 <CA+55aFyDCR1bdzNe+kwuAO-XAzdxhtBjqRNrRnWFuo0Q8-QUmA@mail.gmail.com>
 <CANq1E4R_fg6Ptjg53RYzZZ2csrt+VvmExDcE_suvOFfxv-bxcw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CANq1E4R_fg6Ptjg53RYzZZ2csrt+VvmExDcE_suvOFfxv-bxcw@mail.gmail.com>
User-Agent: Mutt/1.5.23.1 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 550
Lines: 16

On Wed, Oct 26, 2016 at 10:34:30PM +0200, David Herrmann wrote:
> Long story short: We have uid<->uid quotas so far, which prevent DoS
> attacks, unless you get access to a ridiculous amount of local UIDs.
> Details on which resources are accounted can be found in the wiki [1].

Does only root user_ns uid count as separate or per-ns too?

In first case we will have vitually unbounded access to UIDs.

The second case can cap number of user namespaces a user can create while
using bus1 inside.

Or am I missing something?

-- 
 Kirill A. Shutemov