Date: Mon, 9 Aug 1999 13:19:28 -0700 (PDT) From: Kip Macy <kip@lyris.com> To: Marc Olzheim <marcolz@stack.nl> Cc: Greg Lynn <dglynn@vaview5.vavu.vt.edu>, freebsd-stable@freebsd.org Subject: Re: testsockbuf.c Message-ID: <Pine.SOL.4.05.9908091318380.5933-100000@luna> In-Reply-To: <19990809213449.A5585@stack.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
Would raising the number of NMBCLUSTERS help? Or would it just postpone the problem? Solaris/x86 also does not have any problems with the code. -Kip On Mon, 9 Aug 1999, Marc Olzheim wrote: > > Isn't this a huge problem for ordinary users on a system?? I mean > > there aren't any user restrictions on sockets right? I imagine > > there will be some sort of follow up on this exploit? > > Well, there is a 256k limit per socket of the buffer (I & O), try > sysctl kern.maxsockbuf and you can limit the number of sockets with > the maximum number of filedescriptors per process (ulimit -a), but that's > just not safe enough. > > It seems that the kernel doesn't check wether the space it wants to > allocate still exists or not. > > Marc > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.05.9908091318380.5933-100000>