From owner-cvs-all  Thu Aug 27 21:55:58 1998
Return-Path: <owner-cvs-all>
Received: (from daemon@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA21706
          for cvs-all-outgoing; Thu, 27 Aug 1998 21:55:58 -0700 (PDT)
          (envelope-from owner-cvs-all)
Received: from burka.rdy.com (burka.rdy.com [205.149.163.30])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA21700;
          Thu, 27 Aug 1998 21:55:57 -0700 (PDT)
          (envelope-from dima@burka.rdy.com)
Received: (from dima@localhost)
	by burka.rdy.com (8.8.8/RDY&DVV) id VAA05971;
	Thu, 27 Aug 1998 21:54:58 -0700 (PDT)
Message-Id: <199808280454.VAA05971@burka.rdy.com>
Subject: Re: cvs commit: src/sbin/ping ping.8 ping.c
In-Reply-To: <Pine.BSF.4.00.9808272056550.1373-100000@zippy.dyn.ml.org> from Alex at "Aug 27, 1998  9: 2:42 pm"
To: garbanzo@hooked.net (Alex)
Date: Thu, 27 Aug 1998 21:54:57 -0700 (PDT)
Cc: dillon@backplane.com, obrien@NUXI.com, cvs-committers@FreeBSD.ORG,
        cvs-all@FreeBSD.ORG
X-Class: Fast
Organization: HackerDome
Reply-To: dima@best.net
From: dima@best.net (Dima Ruban)
X-Mailer: ELM [version 2.4ME+ PL45 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-cvs-all@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Alex writes:
> On Thu, 27 Aug 1998, Matthew Dillon wrote:
> [...]
> >     Well, it seems to be too contentious an issue, nobody is willing to
> >     take a longer-term view.  The -c restritions were already taken out so no
> >     further mods should be necessary.  I think it's a big mistake, though,
> >     the default should not be infinite packets.
> 
> So make it configurable.  I think I saw a /etc/security.conf suggested,
> and IMO that would be a nice addition, to be able to tweak this kinda
> stuff.  I mean, I use FreeBSD on a home computer, if I'm pinging someone,
> I like to wait until I feel ready to hit ctrl-c (obviously a DoS from a
> 33.6 modem is unlikely).  A preset hardcoded limit would be a hinderance
> for me.  It seems to me the ability to turn it on for certian users would
> be the best of both worlds.

It doesn't have anything to do with security. We should have something like
/etc/defaults.conf or something like that.

> If you were really paranoid, you'd most likely set some kind of limit to
> how many pings/hour a user could send out, taking in account the size of
> the packets sent.
> 
> - alex
> 
> | "Contrary to popular belief, penguins are not the salvation of modern  |
> | technology.  Neither do they throw parties for the urban proletariat." |
> | Powered by FreeBSD                            http://www.freebsd.org/  |
> 

-- dima