From owner-freebsd-security Thu Nov 21 9:52:15 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DE3BE37B401 for ; Thu, 21 Nov 2002 09:52:13 -0800 (PST) Received: from bas.flux.utah.edu (bas.flux.utah.edu [155.98.60.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 65DD343E42 for ; Thu, 21 Nov 2002 09:52:13 -0800 (PST) (envelope-from danderse@flux.utah.edu) Received: from bas.flux.utah.edu (localhost [127.0.0.1]) by bas.flux.utah.edu (8.12.5/8.12.5) with ESMTP id gALHq4As080266 for ; Thu, 21 Nov 2002 10:52:04 -0700 (MST) (envelope-from danderse@bas.flux.utah.edu) Received: (from danderse@localhost) by bas.flux.utah.edu (8.12.5/8.12.5/Submit) id gALHq44J080265 for freebsd-security@freebsd.org; Thu, 21 Nov 2002 10:52:04 -0700 (MST) Date: Thu, 21 Nov 2002 10:52:04 -0700 From: "David G. Andersen" To: freebsd-security@freebsd.org Subject: File table exhaustion patch Message-ID: <20021121105204.B75421@cs.utah.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In PR 45353, I've submitted a patch to reserve a handfull of file table entries for root-only use, to mitigate the effects of user processes that leak file descriptors: http://www.freebsd.org/cgi/query-pr.cgi?pr=45353 Even with per-process file descriptor limits, it's pretty easy for a buggy program that does any kind of forking to run the system out of file table entries (or for a malicious user to do so). The patch above is trivial, and at least enables root to login and fix things up a bit. I've been running it locally for about a week, and it's happy. Is the form of the solution acceptable? (And if so, anyone interested in committing it to -current for a while? ;-) -Dave -- work: dga@lcs.mit.edu me: dga@pobox.com MIT Laboratory for Computer Science http://www.angio.net/ I do not accept unsolicited commercial email. Do not spam me. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message