From owner-freebsd-security Wed Sep 1 16: 1:25 1999 Delivered-To: freebsd-security@freebsd.org Received: from granite.sentex.net (granite.sentex.ca [199.212.134.1]) by hub.freebsd.org (Postfix) with ESMTP id 2FF8A155BA for ; Wed, 1 Sep 1999 16:01:15 -0700 (PDT) (envelope-from mike@sentex.net) Received: from gravel (ospf-mdt.sentex.net [205.211.164.81]) by granite.sentex.net (8.8.8/8.6.9) with SMTP id SAA23633; Wed, 1 Sep 1999 18:59:20 -0400 (EDT) Message-Id: <4.1.19990901191051.04e80570@granite.sentex.ca> X-Sender: mdtancsa@granite.sentex.ca X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Wed, 01 Sep 1999 19:11:51 -0400 To: Garrett Wollman From: Mike Tancsa Subject: Re: FW: Local DoS in FreeBSD Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <199909012046.QAA07324@khavrinen.lcs.mit.edu> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >We have known for some time that the problem originally described >exists, but developing an acceptable solution has been a challenge. >Now that sockets carry around user credentials, it may perhaps not be >as difficult as it used to be. > >What needs to be done is to impose a per-UID resource limit on the >amount of socket buffer space available. Do you think these changes would be incorporated into the 3.x branch, or strictly 4.x ? ---Mike ********************************************************************** Mike Tancsa, Network Admin * mike@sentex.net Sentex Communications Corp, * http://www.sentex.net/mike Cambridge, Ontario * 01.519.651.3400 Canada * To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message