From owner-freebsd-hackers Mon Nov 13 11:15:37 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from femail1.sdc1.sfba.home.com (femail1.sdc1.sfba.home.com [24.0.95.81]) by hub.freebsd.org (Postfix) with ESMTP id 3628C37B4C5 for ; Mon, 13 Nov 2000 11:15:32 -0800 (PST) Received: from beastie.localdomain ([24.19.158.41]) by femail1.sdc1.sfba.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20001113191515.MESZ14040.femail1.sdc1.sfba.home.com@beastie.localdomain>; Mon, 13 Nov 2000 11:15:15 -0800 Received: (from brian@localhost) by beastie.localdomain (8.9.3/8.8.7) id LAA13441; Mon, 13 Nov 2000 11:18:37 -0800 (PST) (envelope-from brian) Date: Mon, 13 Nov 2000 11:18:37 -0800 From: "Brian O'Shea" To: Nicole Harrington Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Log analysis program running under apache reboots server! Message-ID: <20001113111837.J622@beastie.localdomain> Reply-To: boshea@ricochet.net Mail-Followup-To: Nicole Harrington , freebsd-hackers@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from Nicole Harrington on Mon, Nov 13, 2000 at 10:58:39AM -0800 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Nicole, Is it a panic, or does it just silently reboot? If it's a panic, what is the panic message, or any other message on the console when the system crashes? Also, can you get a crash dump? (see the dumpon(8) man page) -brian On Mon, Nov 13, 2000 at 10:58:39AM -0800, Nicole Harrington wrote: > Greetings all.. > > I have been trying to test an apache log analizing program called Nettracker > (wwww.sane.com) the program seems nice except for the fact that it keeps > rebooting/crashing the server. This would just be labeled crappy software > except for the fact that I am running the software as user apache and have > setup process limits in login.conf and it is still able to reboot the server. > > This seems like a real problem and security issue as I have setup limits in > /etc/login.conf (see below) and the program is being run via CGI as user > apache, yet it is still capable of rebooting the system. Seems like a nice > hack > to me. > > If anyone could check over my login.conf settings below and make sure they > are > correct/ truly usefull, I would really appreciate it! Also any information on > how this program could so easily reboot the server would be nice too. > > Thanks!! > > > Nicole > > System is 4.1-STABLE and has 256 Megs of memory and 4X that of swap. > > apacheuser:\ > :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ > :cputime=4h:\ > :datasize=64M:\ > :stacksize=4M:\ > :filesize=infinity:\ > :memoryuse=64M:\ > :priority=0:\ > :datasize-cur=32M:\ > :stacksize-cur=32M:\ > :coredumpsize-cur=0:\ > :maxmemorysize-cur=64M:\ > :memorylocked=32M:\ > :maxproc=128:\ > :openfiles=256:\ > :tc=standard: > > ## standard - standard user defaults > ## > standard:\ > :copyright=/etc/COPYRIGHT:\ > :welcome=/etc/motd:\ > :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ > :path=~/bin /bin /usr/bin /usr/local/bin:\ > :manpath=/usr/share/man /usr/local/man:\ > :nologin=/var/run/nologin:\ > :cputime=1h30m:\ > :datasize=8M:\ > :stacksize=2M:\ > :memorylocked=4M:\ > :memoryuse=8M:\ > :filesize=8M:\ > :coredumpsize=8M:\ > :openfiles=24:\ > :maxproc=32:\ > :priority=0:\ > :requirehome:\ > :passwordtime=90d:\ > :umask=002:\ > :ignoretime@:\ > :tc=default: > > default:\ > :cputime=infinity:\ > :datasize-cur=22M:\ > :stacksize-cur=8M:\ > :memorylocked-cur=10M:\ > :memoryuse-cur=30M:\ > :filesize=infinity:\ > :coredumpsize=infinity:\ > :maxproc-cur=64:\ > :openfiles-cur=64:\ > :priority=0:\ > :requirehome@:\ > :umask=022:\ > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message -- Brian O'Shea boshea@ricochet.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message