4

When reading about security measures for operating systems, I found the recommendation that disk quotas should be used. I thought that is just a general IT requirement to ensure everybody gets the same space, hence this requirement targets availability only.

Besides this reason, can somebody explain to me what security consequences it could have when disk quotas are not enabled?

Wh0V1an
It depends on the environment really, but if a user can create an arbitrary amount of data, then he can consume all available space -> a DoS by resource starvation. – Stephane Mar 12 '18 at 11:02

1 Answer

3

Assuming absolutely no quotas are enabled, not even the default ones in many filesystems that give root a little more free space than other users, a malicious process could write to the disk until it is completely full. This would prevent any other program, even privileged daemons, from writing to the disk. This could lead to a denial-of-service condition and may interfere with important tasks:

  • Passwords may fail to change, as it often involves writing a temporary file.

  • Logs may stop being written, allowing one to attack the system without leaving traces.

  • Software updates may fail, leaving outdated and exploitable software on the system.

forest
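An audit of the condition the answer describes, added here as an example and not part of the original post: for each writable filesystem it reports whether quota mount options are present and how much space is held back for root (`f_bfree - f_bavail` from `statvfs`). Assumptions: Linux `/proc/mounts` format, quota options in the mount table treated as a proxy for quotas being on, and the function names and sample mount table are constructed for illustration.

```python
import os

# Mount options that request quota accounting (ext4 and XFS spellings).
QUOTA_OPTS = {"quota", "usrquota", "grpquota", "prjquota", "uquota",
              "gquota", "pquota", "usrjquota", "grpjquota"}

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,relatime,usrquota,grpquota 0 0
/dev/sdb1 /var/log xfs rw,noatime 0 0
proc /proc proc rw,nosuid 0 0
"""

def quota_enabled(options):
    """True if any quota option appears; 'usrjquota=file' counts by its key."""
    keys = {opt.split("=", 1)[0] for opt in options.split(",")}
    return bool(keys & QUOTA_OPTS)

def parse_mounts(text):
    """Yield (mountpoint, fstype, options) from /proc/mounts-format text."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            yield fields[1], fields[2], fields[3]

def audit(mounts_text, statvfs=os.statvfs, fstypes=("ext4", "xfs", "btrfs")):
    """Report, per writable disk filesystem, who can be starved of space."""
    findings = []
    for mnt, fstype, opts in parse_mounts(mounts_text):
        if fstype not in fstypes or "rw" not in opts.split(","):
            continue  # pseudo and read-only filesystems cannot be filled
        try:
            st = statvfs(mnt)
        except OSError:
            continue  # mount point not readable by this process
        reserve = (st.f_bfree - st.f_bavail) * st.f_frsize  # root-only bytes
        quotas = quota_enabled(opts)
        findings.append({
            "mount": mnt, "quotas": quotas, "root_reserve": reserve,
            "user_free": st.f_bavail * st.f_frsize,
            "user_fillable": not quotas,  # one user can take all user_free
            "root_blocked_too": not quotas and reserve == 0,  # the answer's worst case
        })
    return findings

if __name__ == "__main__":
    with open("/proc/mounts") as fh:  # Linux only
        for row in audit(fh.read()):
            print(row)
```

A filesystem flagged `root_blocked_too` that holds logs or package state is where the failures listed in the answer would appear first; confirm actual enforcement with the quota tools (for example `repquota`) before relying on the mount options alone.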