From owner-freebsd-questions Wed Feb 21 15: 3:51 2001 Delivered-To: freebsd-questions@freebsd.org Received: from dsl-64-193-218-89.telocity.com (dsl-64-193-218-89.telocity.com [64.193.218.89]) by hub.freebsd.org (Postfix) with SMTP id 2CB7537B4EC for ; Wed, 21 Feb 2001 15:03:48 -0800 (PST) (envelope-from lucas@slb.to) Received: (qmail 9930 invoked by uid 1000); 21 Feb 2001 23:04:07 -0000 Date: Wed, 21 Feb 2001 17:04:07 -0600 From: Lucas Bergman To: Jurriaan de Boer Cc: freebsd-questions@freebsd.org Subject: Re: Being worked on ? Message-ID: <20010221170406.B16575@billygoat.slb.to> Reply-To: lucas@slb.to References: <20010221214600.A85555@system9.euronet.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010221214600.A85555@system9.euronet.nl>; from jfdeboer@euronet.nl on Wed, Feb 21, 2001 at 09:46:00PM +0100 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > How come this still is possible in FreeBSD 4.2-STABLE...: > > http://security-archive.merton.ox.ac.uk/archive-200006/0083.html > > [On my box network is down for ~4 minutes but luckily comes up after > that again] The socket buffer overflow was resolved with patches dating September 1999, since before 4.0-RELEASE, with the addition of the "sbsize" (RLIMIT_SBSIZE) resource limit. Just set the resource limit to some reasonable, finite number, say 2 MB. The reason the socket buffer chewing exploit worked on your 4-STABLE machine is because the limit is infinite in the default login.conf. Kindly do your homework before mailing -bugs. > What a crap that this hasn't been resolved yet... What a crap, indeed. Lucas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message