From owner-freebsd-security Wed Sep 1 19:12:35 1999 Delivered-To: freebsd-security@freebsd.org Received: from jade.chc-chimes.com (jade.chc-chimes.com [216.28.46.6]) by hub.freebsd.org (Postfix) with ESMTP id 4CE1714E9F for ; Wed, 1 Sep 1999 19:12:33 -0700 (PDT) (envelope-from billf@jade.chc-chimes.com) Received: by jade.chc-chimes.com (Postfix, from userid 1001) id 9E9A61C0E; Wed, 1 Sep 1999 21:14:53 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by jade.chc-chimes.com (Postfix) with ESMTP id 8EFBA3817; Wed, 1 Sep 1999 21:14:53 -0400 (EDT) Date: Wed, 1 Sep 1999 21:14:53 -0400 (EDT) From: Bill Fumerola To: Don Lewis Cc: Garrett Wollman , Nick Hibma , FreeBSD -- The Power to Serve , Mike Tancsa , freebsd-security@FreeBSD.ORG Subject: Re: FW: Local DoS in FreeBSD In-Reply-To: <199909020205.TAA08666@salsa.gv.tsc.tdk.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 1 Sep 1999, Don Lewis wrote: > It should be possible to track the overall socket buffer space for each > UID, but how do you enforce the limit? Do you cause the socket(), > socketpair(), accept(), and setsockopt() calls to fail? Will userland > code react well to this? Any good code uses errx() or one of it's cousins. 53 ECONNABORTED Software caused connection abort. A connection abort was caused internal to your host machine. looks like a good thing to return when that is the case. -- - bill fumerola - billf@chc-chimes.com - BF1560 - computer horizons corp - - ph:(800) 252-2421 - bfumerol@computerhorizons.com - billf@FreeBSD.org - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message