Date: Mon, 16 Feb 2004 15:07:20 +0100 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: Maxim Konovalov <maxim@macomnet.ru> Cc: current@FreeBSD.org Subject: Re: Jails that keep hanging around Message-ID: <20040216140720.GE14639@garage.freebsd.pl> In-Reply-To: <20040216164605.S19111@news1.macomnet.ru> References: <200402151714.26631.freebsd-current@webteckies.org> <20040215191756.P49729@news1.macomnet.ru> <20040216133617.GD14639@garage.freebsd.pl> <20040216164605.S19111@news1.macomnet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--vZRzFRtr9HMcP32e Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Feb 16, 2004 at 04:47:25PM +0300, Maxim Konovalov wrote: +> > If there is no objections I'm going to commit it tomorrow. +>=20 +> What I really do not understand why we do not leak in non-jail +> environment? I'm sure we are, this is just hard to check, because we don't have list with allocated 'cred' structures. But try to do your test without a jail and track 2nd column in: # sysctl kern.malloc | grep cred Number of objects grows when I'm killing daemon while connection exists. I'm wondering if this cannot be used to some DoS attack. --=20 Pawel Jakub Dawidek http://www.FreeBSD.org pjd@FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am! --vZRzFRtr9HMcP32e Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQFAMM6YForvXbEpPzQRAi3jAJ0WNABRpMNwdDJIb8lsSN3BCe0TDwCgw/3N dDMbuK+aq12aU8HvNfRquX4= =6gDP -----END PGP SIGNATURE----- --vZRzFRtr9HMcP32e--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040216140720.GE14639>