From owner-freebsd-security  Tue Sep  7  6:55:52 1999
Delivered-To: freebsd-security@freebsd.org
Received: from backup.af.speednet.com.au (af.speednet.com.au [202.135.206.244])
	by hub.freebsd.org (Postfix) with ESMTP id 3EC8215582
	for <freebsd-security@FreeBSD.ORG>; Tue,  7 Sep 1999 06:55:46 -0700 (PDT)
	(envelope-from andyf@speednet.com.au)
Received: from localhost (localhost [127.0.0.1])
	by backup.af.speednet.com.au (8.9.3/8.9.3) with ESMTP id XAA22866;
	Tue, 7 Sep 1999 23:52:27 +1000 (EST)
	(envelope-from andyf@speednet.com.au)
Date: Tue, 7 Sep 1999 23:52:27 +1000 (EST)
From: Andy Farkas <andyf@speednet.com.au>
X-Sender: andyf@localhost
To: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: FW: Local DoS in FreeBSD
In-Reply-To: <xzpbtblzs2y.fsf@flood.ping.uio.no>
Message-ID: <Pine.BSF.4.10.9909072351250.22466-100000@localhost>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


On 2 Sep 1999, Dag-Erling Smorgrav wrote:

> > If you have it set so that it does SUID for cgi and runs it as the user or
> > uses the users accounting limits, it won't work.. and yes, you should set
> > some sensible apache limits per user on that stuff, I know its possible.
> 
> Apache's suEXEC wrapper doesn't enforce user limits.

See ports/13606.

> 
> DES
> -- 
> Dag-Erling Smorgrav - des@flood.ping.uio.no
> 

--
 
 :{ andyf@speednet.com.au
  
        Andy Farkas
    System Administrator
   Speednet Communications
 http://www.speednet.com.au/
  




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message