From owner-freebsd-stable Wed Aug 16 16: 0:15 2000 Delivered-To: freebsd-stable@freebsd.org Received: from mail.fpsn.net (mail.fpsn.net [63.224.69.57]) by hub.freebsd.org (Postfix) with ESMTP id 2087237B7ED for ; Wed, 16 Aug 2000 16:00:10 -0700 (PDT) (envelope-from simon@optinet.com) Received: from sharky (adsl-151-202-97-90.bellatlantic.net [151.202.97.90]) by mail.fpsn.net (8.9.3/8.9.3) with SMTP id CAA16563 for ; Thu, 17 Aug 2000 02:34:37 -0600 (MDT) (envelope-from simon@optinet.com) Message-Id: <200008170834.CAA16563@mail.fpsn.net> From: "Simon" To: "freebsd-stable@FreeBSD.ORG" Date: Wed, 16 Aug 2000 19:03:03 -0400 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195) In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: your mail Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG open files per process won't prevent a DoS afaik. What would is an open files per *uid* just like there is maxprocperuid limit. I wonder why there is no such a thing. Am I missing something or there simply no open files per UID kernel limit? -Simon On Wed, 16 Aug 2000 16:50:55 -0400 (EDT), Chris D. Faulhaber wrote: >On Wed, 16 Aug 2000, Roman Shterenzon wrote: > >> Hi, >> >> In the shipping param.c file the maxfilesperproc is made equal to overall >> maxfiles, e.g. kern.maxfiles=kern.maxfilesperproc. >> This creates a possibility of DoS, or I'm missing something? >> Perhaps it's better to leave some minimal window for other processes? >> Or even make it fraction of maxfiles? >> > >Or properly configure login classes so lusers cannot reach maxfiles > >----- >Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org >-------------------------------------------------------- >FreeBSD: The Power To Serve - http://www.FreeBSD.org > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message