Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Disk (over)quota in Windows 2000
From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Fri, 3 Mar 2000 09:05:43 -0800

At 10:49 PM 2/29/00 -0800, Ian Turner wrote:
Isn't this just a cluster-size filling issue?

Which is why effective quota security should enable inode limits as well
as byte limits.

I'm not going to dive into the 'is it a bug or not' debate, but did want to
make a couple of points -

A NTFS file system isn't limited by the number of clusters on a disk.  The
various components of a file are called streams, and the $data stream is
just one of them.  If a file has a small data segment, then the entire file
can be stored in the MFT, along with the security descriptor, attributes,
name, etc.  So the minimum amount of disk space that a file can take up is
the size of one MFT entry, which may or may not involve an additional
cluster.  If the file grows, then the data stream within the MFT is
replaced by a pointer to the cluster where the data is stored.  Hence, the
concept of inodes isn't germane to NTFS.

Hope this clears up some small amount of the confusion...

David LeBlanc
dleblanc () mindspring com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]