Date: Fri, 2 Jun 2000 09:08:22 -0700 (PDT) From: Matthew Dillon <dillon@apollo.backplane.com> To: Mike Tancsa <mike@sentex.ca> Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSDDEATH.c.txt (mmap dirty page no check bug) Message-ID: <200006021608.JAA47864@apollo.backplane.com> References: <3.0.5.32.20000602093923.0309ed60@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
:>This seems to be doing the rounds with the script kiddies fairly quickly. :>I've attached it. :>(originally found at: http://ls.si.ru/tmp/FreeBSDDEATH.c.txt - dumped :>by some skr1pt k1dd1es on irc) If you go back one day Oleg posted the same snippit. It is possible to lockup a machine with this code, but the program isn't going to be very effective on any machine with public shell accounts if that machine has quotas enabled. I put quotas on every partition users had access to at BEST, including /tmp (100MB quota). In fact, /tmp turned out to be the single most important partition to put a quota on due to the sheer number of programs that just assumed it would never fill up (and the sheer number of bozo users who would use /tmp to unpack warez and never delete any of it). I should be able to get a fix in this weekend. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006021608.JAA47864>