Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Disk (over)quota in Windows 2000

From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Wed, 1 Mar 2000 09:11:00 +0100

Peter Gutmann wrote:


Dave Tarbatt - ACS <D.A.Tarbatt () BOLTON AC UK> writes:


I've been looking into disk quotas under Windows 2000 and have uncovered a
few anomalies. On top of a few peculiarities there appears to be a bug which
allows a user to exceed their disk quota by as much as they wish.


Isn't this just a cluster-size filling issue?  It looks like accounting is
being done on a bytes-used basis but files are managed on a per-cluster basis,
so it's possible to extend files out to fill the cluster without coming into
conflict with the quota system.


Not "just" a cluster-size filling issue. The idea of quotas is preventing
people from using all available hard disk space, as that is a VERY effective
DoS. This bug means that W2K basically does not have any quotas, since it does
not provide that protection.

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50           Fax: +46 (0)660 122 50
Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se        E-mail: mikael.olsson () enternet se
Previous By Date Next
Previous By Thread Next

Current thread: