Date: Mon, 9 Aug 1999 21:34:49 +0200
From: Marc Olzheim
To: Greg Lynn
Cc: Marc Olzheim, freebsd-stable@freebsd.org
Subject: Re: testsockbuf.c
Message-ID: <19990809213449.A5585@stack.nl>
References: <19990809212324.A4984@stack.nl>
In-Reply-To: ; from Greg Lynn on Mon, Aug 09, 1999 at 03:26:24PM -0400
X-Operating-System: FreeBSD toad.stack.nl 2.2.8-STABLE FreeBSD 2.2.8-STABLE
X-URL: http://www.stack.nl/~marcolz/

> Isn't this a huge problem for ordinary users on a system?? I mean
> there aren't any user restrictions on sockets right? I imagine
> there will be some sort of follow up on this exploit?

Well, there is a 256k limit per socket of the buffer (I & O), try
sysctl kern.maxsockbuf
and you can limit the number of sockets with the maximum number of
file descriptors per process (ulimit -a), but that's just not safe enough.

It seems that the kernel doesn't check whether the space it wants to
allocate still exists or not.

Marc