Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 1 Sep 1999 14:10:32 -0600 (MDT)
From:      FreeBSD -- The Power to Serve <geniusj@free-bsd.org>
To:        Mike Tancsa <mike@sentex.net>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: FW: Local DoS in FreeBSD
Message-ID:  <Pine.BSF.4.10.9909011409520.19266-100000@free-bsd.org>
In-Reply-To: <3.0.5.32.19990901140428.01f197b0@staff.sentex.ca>

next in thread | previous in thread | raw e-mail | index | archive | help
Exactly what I mean! Limit file descriptors, and it also uses a lot of CPU
time so you can limit that too.. It will never crash the system with the
proper limits set :). They can run it all they want.


On Wed, 1 Sep 1999, Mike Tancsa wrote:

> At 11:49 AM 9/1/99 -0600, FreeBSD -- The Power to Serve wrote:
> >If you have public access users, you should have login accounting in the
> >first place.. and yes, it does stop it :).. I verified this on a 3.2 box
> >with my login accounting setup..
> 
> How does accounting stop it ?  Or do you mean it just discourages users
> from doing it ? How much overhead does accounting add to the system ?
> Also, limiting the amount of file descriptors can prevent it, as the 'bug'
> is essentially a resource starving issue (e.g. fork bomb)
> 
> 	---Mike
> ------------------------------------------------------------------------
> Mike Tancsa,                          	          tel 01.519.651.3400
> Network Administrator,     			  mike@sentex.net
> Sentex Communications                 		  www.sentex.net
> Cambridge, Ontario Canada
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9909011409520.19266-100000>