Date: Fri, 18 Feb 2000 22:28:56 +0200 From: Mark Murray <mark@grondar.za> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: current@FreeBSD.org Subject: Re: Crypto progress! (And a Biiiig TODO list) Message-ID: <200002182028.WAA28733@gratis.grondar.za> In-Reply-To: <200002181556.KAA86357@khavrinen.lcs.mit.edu> ; from Garrett Wollman <wollman@khavrinen.lcs.mit.edu> "Fri, 18 Feb 2000 10:56:07 EST." References: <200002181556.KAA86357@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> <<On Fri, 18 Feb 2000 09:43:03 +0200, Mark Murray <mark@grondar.za> said: > > > o A username may only be checked $number times per $timeperiod; > > after that, _all_ answers are silently converted to "no". > > Easier: a username may only be checked by a process running as $uid > or by root. ... added to the list of possibles. > > ... etc. There are possibilities for DoS attacks, but the daemon > > talks only to a Unix Domain Socket, so finding the perp is easy. > > And what happens when the daemon is dead, has crashed, or was never > started? Answer is "no". Possible DoS attack to be addressed. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200002182028.WAA28733>