Date: Sat, 10 Apr 1999 22:48:48 +0200 From: Thierry Herbelot <herbelot@cybercable.fr> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: freebsd-current@FreeBSD.ORG Subject: Re: DoS from local users (fwd) Message-ID: <370FB930.6EE6A95C@cybercable.fr> References: <199904102030.NAA08796@rah.star-gate.com> <199904102037.NAA01262@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Let's remember a motto of J. Pournelle of the late Byte : one User, more than one CPU (let people hog their workstation as much as they want ...) And another good resolution : no shell accounts for normal users on sensitive servers (no lusers which could want to DoS the servers allowed) Every base covered ? Cheers TfH Matthew Dillon wrote: > > : > :It should be possible to prevent a user from hogging a system if the system's > :naive scheduler is improved. > : > : Amancio > > No, it isn't. For a very simple reason: The resources users need to do > real work are very similar to the resources users need to hog the system. > > Saying that the system should somehow be able to magically make the > distinction between the two is a pipedream. It takes a human to make > the distinction. > > Short of restricting the resources you give to users to the point where > they can't even start a mail or news client, there is just no way to > prevent said users from loading down the machine if they choose to. > > -Matt > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?370FB930.6EE6A95C>