From owner-freebsd-bugs Fri Sep 20 10: 6:11 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5AAB537B401; Fri, 20 Sep 2002 10:06:10 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0A6A943E42; Fri, 20 Sep 2002 10:06:10 -0700 (PDT) (envelope-from schweikh@FreeBSD.org) Received: from freefall.freebsd.org (schweikh@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g8KH67Co006030; Fri, 20 Sep 2002 10:06:07 -0700 (PDT) (envelope-from schweikh@freefall.freebsd.org) Received: (from schweikh@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g8KH675f006010; Fri, 20 Sep 2002 10:06:07 -0700 (PDT) Date: Fri, 20 Sep 2002 10:06:07 -0700 (PDT) From: Jens Schweikhardt Message-Id: <200209201706.g8KH675f006010@freefall.freebsd.org> To: ports@geeksrus.net, schweikh@FreeBSD.org, freebsd-bugs@FreeBSD.org Subject: Re: bin/42772: usr.bin/make: patch to stop a fork bomb Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Synopsis: usr.bin/make: patch to stop a fork bomb State-Changed-From-To: open->feedback State-Changed-By: schweikh State-Changed-When: Fri Sep 20 10:01:16 PDT 2002 State-Changed-Why: I don't like this for various reasons. 1) It does not solve the root cause (ports variables leading to recursions in make) Can this be solved in bsd.port.mk? 2) Fork Bomb DoS attacks should not be handled by hardening all the potential utilities (you can't prevent them in shells etc). They can be addressed by resource limits in login.conf(5), maxproc. 3) The patch uses Hungarian Notation which is as far from BSD style as it gets :-) http://www.freebsd.org/cgi/query-pr.cgi?pr=42772 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message