From owner-freebsd-security  Tue May 30 23:13:25 2000
Delivered-To: freebsd-security@freebsd.org
Received: from Athena.za.net (athena.za.net [196.30.167.200])
	by hub.freebsd.org (Postfix) with ESMTP id 2045837B7F3
	for <freebsd-security@FreeBSD.ORG>; Tue, 30 May 2000 23:13:18 -0700 (PDT)
	(envelope-from jus@security.za.net)
Received: from localhost (jus@localhost)
	by Athena.za.net (8.9.3/8.9.3) with ESMTP id IAA00404;
	Wed, 31 May 2000 08:11:46 +0200 (SAST)
	(envelope-from jus@security.za.net)
X-Authentication-Warning: Athena.za.net: jus owned process doing -bs
Date: Wed, 31 May 2000 08:10:31 +0200 (SAST)
From: Justin Stanford <jus@security.za.net>
X-Sender: jus@Athena.za.net
To: Matt Heckaman <matt@ARPA.MAIL.NET>
Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>,
	FreeBSD-SECURITY <freebsd-security@FreeBSD.ORG>
Subject: Re: Local FreeBSD, OpenBSD, NetBSD, DoS Vulnerability (fwd)
In-Reply-To: <Pine.BSF.4.21.0005310204330.6246-100000@epsilon.lucida.qc.ca>
Message-ID: <Pine.BSF.4.21.0005310810050.373-100000@Athena.za.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Take a look at the sample login.conf entry on http://www.security.za.net
(News Section) - this has proven to prevent the DoS from working.

Regards,
jus

--
Justin Stanford
082 7402741
jus@security.za.net
www.security.za.net
IT Security and Solutions


On Wed, 31 May 2000, Matt Heckaman wrote:

> On Tue, 30 May 2000, Garrett Wollman wrote:
> [...]
> : ITYM ``see `man setrlimit' with special attention to RLIMIT_SBSIZE''.
> : `man limit' doesn't provide any useful information at all.
> 
> Yes, I see what you mean and understand RLIMIT_SBSIZE, but just how is
> that set on a machine wide-all-users scale? From what I can tell from
> login.conf(5) there's no resource for it.
> 
> RESOURCE LIMITS
>      Name            Type      Notes     Description
>      cputime         time                CPU usage limit.
>      filesize        size                Maximum file size limit.
>      datasize        size                Maximum data size limit.
>      stacksize       size                Maximum stack size limit.
>      coredumpsize    size                Maximum coredump size limit.
>      memoryuse       size                Maximum of core memory use size
>                                          limit.
>      memorylocked    size                Maximum locked in core memory size
>                                          limit.
>      maxproc         number              Maximum number of processes.
>      openfiles       number              Maximum number of open files per
>                                          process.
> ...
> 
> Is the manual page out of date and it's there, or is it not?
> 
> : -GAWollman
> 
> Regards,
> Matt Heckaman
> matt@arpa.mail.net
> http://www.lucida.qc.ca
> ------------ Output from pgp ------------
> Opening file "/home/jus/pgp4pine.tmp" type text.
> Signature by unknown keyid: 0xC0355390
> Opening file "/dev/null" type text.
> 
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message