Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751366AbdGQP6Y (ORCPT ); Mon, 17 Jul 2017 11:58:24 -0400 Received: from shards.monkeyblade.net ([184.105.139.130]:53078 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751286AbdGQP6W (ORCPT ); Mon, 17 Jul 2017 11:58:22 -0400 Date: Mon, 17 Jul 2017 08:58:21 -0700 (PDT) Message-Id: <20170717.085821.179430433629233314.davem@davemloft.net> To: dh.herrmann@gmail.com Cc: netdev@vger.kernel.org, teg@jklm.no, eric.dumazet@gmail.com, hannes@stressinduktion.org, linux-kernel@vger.kernel.org, alban.crequy@collabora.co.uk, simon.mcvittie@collabora.co.uk Subject: Re: [PATCH] net/unix: drop obsolete fd-recursion limits From: David Miller In-Reply-To: <20170717093554.16459-1-dh.herrmann@gmail.com> References: <20170717093554.16459-1-dh.herrmann@gmail.com> X-Mailer: Mew version 6.7 on Emacs 25.2 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Mon, 17 Jul 2017 08:58:22 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 595 Lines: 15 From: David Herrmann Date: Mon, 17 Jul 2017 11:35:54 +0200 ... > With all of this in mind, lets drop the recursion limit. It has no > additional security value, anymore. On the contrary, it randomly > confuses message brokers that try to forward file-descriptors, since > any sendmsg(2) call can fail spuriously with ETOOMANYREFS if a client > maliciously modifies the FD while inflight. > > Cc: Alban Crequy > Cc: Simon McVittie > Signed-off-by: David Herrmann Applied, thanks.