From: Peter Gutmann [mailto:pgut001 () CS AUCKLAND AC NZ]
Sent: Wednesday, 1 March 2000 11:56 am
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Re: Disk (over)quota in Windows 2000
Dave Tarbatt - ACS <D.A.Tarbatt () BOLTON AC UK> writes:
I've been looking into disk quotas under Windows 2000 and
have uncovered a
few anomalies. On top of a few peculiarities there appears
to be a bug which
allows a user to exceed their disk quota by as much as they wish.
I discovered by experiment that new files can be created
upto a size of
(Quota - UsedSpace + 2KB - 1byte), i.e. they can go
overquota by up to 2047
bytes. Not too much of a problem. Extending existing files
can be up to
(Quota - UsedSpace +1KB -1byte) i.e. up to 1023 bytes
overquota - nothing
much to be worried about.
Isn't this just a cluster-size filling issue? It looks like
being done on a bytes-used basis but files are managed on a
so it's possible to extend files out to fill the cluster
without coming into
conflict with the quota system.