From owner-freebsd-current Tue Apr 13 5:59: 7 1999 Delivered-To: freebsd-current@freebsd.org Received: from kot.ne.mediaone.net (kot.ne.mediaone.net [24.218.12.203]) by hub.freebsd.org (Postfix) with ESMTP id DBB1A14CA9 for ; Tue, 13 Apr 1999 05:59:04 -0700 (PDT) (envelope-from mi@kot.ne.mediaone.net) Received: (from mi@localhost) by kot.ne.mediaone.net (8.9.1a/8.9.1) id IAA08835; Tue, 13 Apr 1999 08:56:22 -0400 (EDT) From: Mikhail Teterin Message-Id: <199904131256.IAA08835@kot.ne.mediaone.net> Subject: Re: DoS from local users (fwd) In-Reply-To: <199904131150.EAA14736@apollo.backplane.com> from Matthew Dillon at "Apr 13, 1999 04:50:19 am" To: dillon@apollo.backplane.com (Matthew Dillon) Date: Tue, 13 Apr 1999 08:56:21 -0400 (EDT) Cc: current@freebsd.org X-Face: %UW#n0|w>ydeGt/b@1-.UFP=K^~-:0f#O:D7w hJ5G_<5143Bb3kOIs9XpX+"V+~$adGP:J|SLieM31VIhqXeLBli". Look, here is a little script, which allows any user to perform a DoS attack! <. Khmm, yes indeed, but you can remove any user who does this. >. But shouldn't the system be able to sustain/detect this sort of attack? [... Nice theoretical discussion is skipped. ...] <. No, it is your responsibility as a sysop, do not give accounts to those you don't trust. >. Oh, well, but what about public-shell systems? <. Public shell systems are a bad idea! >. Just because FreeBSD can not handle it, does not mean the task itself is a bad idea... <. [Now we are all upset, flames start to light the sky]: . FreeBSD handles this here and here! . No OS will handle it quite right... . You just need to be a better sysop. >. Sorry, no offense meant... Why don't we admit this possibility exists (as well as many others, perhaps) for a local user to cause a DoS and may be someday someone will address it? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message