From owner-freebsd-current Fri Feb 18 12:29:27 2000 Delivered-To: freebsd-current@freebsd.org Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.133]) by hub.freebsd.org (Postfix) with ESMTP id 3739937B9D6 for ; Fri, 18 Feb 2000 12:29:15 -0800 (PST) (envelope-from mark@grondar.za) Received: from grondar.za (localhost [127.0.0.1]) by gratis.grondar.za (8.9.3/8.9.3) with ESMTP id WAA28733; Fri, 18 Feb 2000 22:28:56 +0200 (SAST) (envelope-from mark@grondar.za) Message-Id: <200002182028.WAA28733@gratis.grondar.za> To: Garrett Wollman Cc: current@FreeBSD.org Subject: Re: Crypto progress! (And a Biiiig TODO list) References: <200002181556.KAA86357@khavrinen.lcs.mit.edu> In-Reply-To: <200002181556.KAA86357@khavrinen.lcs.mit.edu> ; from Garrett Wollman "Fri, 18 Feb 2000 10:56:07 EST." Date: Fri, 18 Feb 2000 22:28:56 +0200 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > < said: > > > o A username may only be checked $number times per $timeperiod; > > after that, _all_ answers are silently converted to "no". > > Easier: a username may only be checked by a process running as $uid > or by root. ... added to the list of possibles. > > ... etc. There are possibilities for DoS attacks, but the daemon > > talks only to a Unix Domain Socket, so finding the perp is easy. > > And what happens when the daemon is dead, has crashed, or was never > started? Answer is "no". Possible DoS attack to be addressed. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message