From owner-freebsd-hackers Mon Nov 10 02:00:39 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id CAA18692 for hackers-outgoing; Mon, 10 Nov 1997 02:00:39 -0800 (PST) (envelope-from owner-freebsd-hackers) Received: from webfarm1.whistle.com (webfarm1.whistle.com [207.76.204.6]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id CAA18675 for ; Mon, 10 Nov 1997 02:00:34 -0800 (PST) (envelope-from julian@whistle.com) Received: (from smap@localhost) by webfarm1.whistle.com (8.8.5/8.8.5) id CAA18976 for ; Mon, 10 Nov 1997 02:00:33 -0800 (PST) X-Authentication-Warning: webfarm1.whistle.com: smap set sender to using -f Received: from alpo.whistle.com(alpo.isp.whistle.com 207.76.204.38) by webfarm1.whistle.com via smap (V2.0) id xmaa18971; Mon, 10 Nov 97 02:00:14 -0800 Received: (from daemon@localhost) by alpo.whistle.com (8.8.5/8.8.5) id BAA06864; Mon, 10 Nov 1997 01:44:11 -0800 (PST) Received: from UNKNOWN(), claiming to be "current1.whistle.com" via SMTP by alpo.whistle.com, id smtpd006861; Mon Nov 10 01:44:03 1997 Date: Mon, 10 Nov 1997 01:42:12 -0800 (PST) From: Julian Elischer To: Joerg Wunsch cc: hackers@FreeBSD.ORG Subject: Re: How useful is this patch? In-Reply-To: <19971110081446.UX03181@uriah.heep.sax.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Mon, 10 Nov 1997, J Wunsch wrote: > As Archie Cobbs wrote: > > > > Problem: you can cause someone else a DoS attack by maliciously > > > filling his home directory. > > > > This attack would require that you have given the other user write > > permission to your home directory, at least. > > ...or somewhere below your home directory. But well, if you don't > want this, what's the sense behind it at all? :-) > We set up our servers with the home directory elsewhere.. the users can't get to it :) and user never get to execute ANYTHONG (including a shell) in fact I hope to mount that drive -noexec soon.