From owner-freebsd-stable  Sat Mar 17 14:57: 6 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from prism.flugsvamp.com (cb58709-a.mdsn1.wi.home.com [24.17.241.9])
	by hub.freebsd.org (Postfix) with ESMTP id BEED437B718
	for <stable@freebsd.org>; Sat, 17 Mar 2001 14:57:04 -0800 (PST)
	(envelope-from jlemon@flugsvamp.com)
Received: (from jlemon@localhost)
	by prism.flugsvamp.com (8.11.0/8.11.0) id f2HMrZ008412;
	Sat, 17 Mar 2001 16:53:35 -0600 (CST)
	(envelope-from jlemon)
Date: Sat, 17 Mar 2001 16:53:35 -0600 (CST)
From: Jonathan Lemon <jlemon@flugsvamp.com>
Message-Id: <200103172253.f2HMrZ008412@prism.flugsvamp.com>
To: dillon@earth.backplane.com, stable@freebsd.org
Subject: Re: Not only ftpd's problem with ls */../*..... 
X-Newsgroups: local.mail.freebsd-stable
In-Reply-To: <local.mail.freebsd-stable/200103172135.f2HLZgT96041@earth.backplane.com>
References: <local.mail.freebsd-stable/200103172107.f2HL7Ea02611@cwsys.cwsent.com>
Organization: 
Cc: 
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In article <local.mail.freebsd-stable/200103172135.f2HLZgT96041@earth.backplane.com> you write:
>    These glob patches to libc are totally inappropriate.   If there is a
>    problem with DOS attacks in ftp, the solution is to add a simple API
>    call to set the limit (the default being unlimited) and then make ftp use
>    it.

Yes, I'm considering the following:

	gl_flags |= GLOB_MAXFILES
	gl_match = filemax

Since gl_match is only used as an input parameter at the moment.
Another approach is to limit the number of bytes returned to ARG_MAX,
but I somewhat dislike that; it makes more sense to me to specify the
number of paths instead.
--
Jonathan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message