From: freebsd-stable-list@salford.ac.uk
Reply-To: mark@nospam.salford.ac.uk (Mark Powell)
Subject: Re: Huge Bug in FreeBSD not fixed?
To: freebsd-stable@FreeBSD.ORG
Date: 12 Aug 1998 11:16:15 +0100
Message-ID: <19980812101617.19975.qmail@ananke.salford.ac.uk>

In article <6qqbve$ptd$1@ananke.salford.ac.uk>, Tom wrote:
>
>On Tue, 11 Aug 1998, Stefan Bethke wrote:
>
>...
>> As a relief you can try to increase the number of mbufs; however, this will
>> only make the case less likely to occur.
>...
>
> Actually, if you limit the number of processes per user, you can almost
>completely prevent it from happening (at least for regular users anyhow).

I posted a similar article a month or so ago, see:

Subject: 2.2.6 net performance and panic with 1000's of sockets open

in freebsd-net.
I had a test program that was opening 1000's of sockets to another FreeBSD
box and leaving them open. This would panic both FreeBSD boxes consistently.
It only used one process. Thus limiting processes will have no effect.
Limiting open files would though. I realise the other exploit uses the fact
that it can, in total, open n*u (n = maximum number of open file descriptors
& u the maximum number of user processes), whereas mine can only open n.
However, it's still there. Seems like a bug to me. I could post my program to
rootshell too :)

The advice I received was to increase maxusers (to increase mbufs) and

options "NMBCLUSTERS=8192"
options MSIZE="256"

This cured the problem. However, I realise that it is simply making it less
likely to happen. As Stefan pointed out the system panics if it doesn't get its
mbuf.

-- 
Mark Powell - System Administrator (UNIX) - Clifford Whitworth Building
A.I.S., University of Salford, Salford, Manchester, UK.
Tel: +44 161 295 5936  Fax: +44 161 295 5888
Email: M.S.Powell@ais.salfrd.ac.uk  finger mark@ucsalf.ac.uk (for PGP key)
NO SPAM please: Spell salford correctly to reply to me.
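
The open-files limit mentioned in the message above, as an added example that is not part of the original post or of FreeBSD's code: it lowers the soft RLIMIT_NOFILE for one process and shows the kernel refusing further sockets with EMFILE, which is the per-process bound "n" in the n*u estimate. The function name sockets_under_cap and the cap of 64 are assumptions chosen for illustration; the sockets are never connected and are closed before returning.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/socket.h>
#include <unistd.h>

#define MAX_TRACK 1024   /* upper bound on descriptors this demo records */

struct cap_result {
    int opened;      /* sockets obtained before the kernel refused */
    int last_errno;  /* errno from the refused call (EMFILE expected) */
};

/* Lower the soft RLIMIT_NOFILE to `cap`, create unconnected TCP sockets
 * until the kernel refuses, then close them and restore the old limit. */
struct cap_result sockets_under_cap(rlim_t cap)
{
    struct cap_result r = {0, 0};
    struct rlimit old, lim;
    int fds[MAX_TRACK];

    if (getrlimit(RLIMIT_NOFILE, &old) != 0) { r.last_errno = errno; return r; }
    lim = old;
    lim.rlim_cur = cap;   /* soft limit only; the hard limit is untouched */
    if (setrlimit(RLIMIT_NOFILE, &lim) != 0) { r.last_errno = errno; return r; }

    while (r.opened < MAX_TRACK) {
        int fd = socket(AF_INET, SOCK_STREAM, 0);
        if (fd < 0) { r.last_errno = errno; break; }   /* limit reached */
        fds[r.opened++] = fd;
    }
    for (int i = 0; i < r.opened; i++)
        close(fds[i]);
    setrlimit(RLIMIT_NOFILE, &old);   /* put the original soft limit back */
    return r;
}

int main(void)
{
    struct cap_result r = sockets_under_cap(64);   /* constructed cap */
    printf("opened %d sockets, then errno=%d (EMFILE=%d)\n",
           r.opened, r.last_errno, EMFILE);
    return r.last_errno == EMFILE ? 0 : 1;
}
```

The count is lower than the cap because descriptors already open in the process (stdin, stdout, stderr and so on) count against the same limit.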