Date: Sat, 17 Mar 2001 16:53:35 -0600 (CST) From: Jonathan Lemon <jlemon@flugsvamp.com> To: dillon@earth.backplane.com, stable@freebsd.org Subject: Re: Not only ftpd's problem with ls */../*..... Message-ID: <200103172253.f2HMrZ008412@prism.flugsvamp.com> In-Reply-To: <local.mail.freebsd-stable/200103172135.f2HLZgT96041@earth.backplane.com> References: <local.mail.freebsd-stable/200103172107.f2HL7Ea02611@cwsys.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <local.mail.freebsd-stable/200103172135.f2HLZgT96041@earth.backplane.com> you write: > These glob patches to libc are totally inappropriate. If there is a > problem with DOS attacks in ftp, the solution is to add a simple API > call to set the limit (the default being unlimited) and then make ftp use > it. Yes, I'm considering the following: gl_flags |= GLOB_MAXFILES gl_match = filemax Since gl_match is only used as an input parameter at the moment. Another approach is to limit the number of bytes returned to ARG_MAX, but I somewhat dislike that; it makes more sense to me to specify the number of paths instead. -- Jonathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103172253.f2HMrZ008412>