From owner-freebsd-security Fri Mar 24 9:46:35 2000 Delivered-To: freebsd-security@freebsd.org Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by hub.freebsd.org (Postfix) with ESMTP id 1620937B59C; Fri, 24 Mar 2000 09:46:26 -0800 (PST) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.9.3/8.9.3) id LAA40821; Fri, 24 Mar 2000 11:43:36 -0600 (CST) (envelope-from dan) Date: Fri, 24 Mar 2000 11:43:35 -0600 From: Dan Nelson To: Dungeonkeeper Cc: freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: shell issue Message-ID: <20000324114335.A35279@dan.emsphone.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.1.5i In-Reply-To: ; from "Dungeonkeeper" on Fri Mar 24 18:35:47 GMT 2000 X-OS: FreeBSD 5.0-CURRENT Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In the last episode (Mar 24), Dungeonkeeper said: > I believe that the shells have a maximum command lenght, so... I'm > trying now to make the shell use the same command lenght when > expanding such commands. I think this is the best way to avoid this > problem. Any ideas? The kernel has a maximum command-line length, but it that only gets checked when an external executable is run. Something like echo `cat /dev/urandom` would still work, since echo is usually a shell builtin command. The better way to stop malicious people from using up all your memory is to specify a datasize limit in /etc/login.conf . -- Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message