Date: Wed, 21 Feb 2001 17:04:07 -0600 From: Lucas Bergman <lucas@slb.to> To: Jurriaan de Boer <jfdeboer@euronet.nl> Cc: freebsd-questions@freebsd.org Subject: Re: Being worked on ? Message-ID: <20010221170406.B16575@billygoat.slb.to> In-Reply-To: <20010221214600.A85555@system9.euronet.nl>; from jfdeboer@euronet.nl on Wed, Feb 21, 2001 at 09:46:00PM %2B0100 References: <20010221214600.A85555@system9.euronet.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
> How come this still is possible in FreeBSD 4.2-STABLE...: > > http://security-archive.merton.ox.ac.uk/archive-200006/0083.html > > [On my box network is down for ~4 minutes but luckily comes up after > that again] The socket buffer overflow was resolved with patches dating September 1999, since before 4.0-RELEASE, with the addition of the "sbsize" (RLIMIT_SBSIZE) resource limit. Just set the resource limit to some reasonable, finite number, say 2 MB. The reason the socket buffer chewing exploit worked on your 4-STABLE machine is because the limit is infinite in the default login.conf. Kindly do your homework before mailing -bugs. > What a crap that this hasn't been resolved yet... What a crap, indeed. Lucas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010221170406.B16575>