Re: Linux kernels DoSable by file-max limit

From: Jim Breton (jamesb-bugtraqat_private)
Date: Tue Jul 09 2002 - 18:04:26 PDT

Next message: Marc Maiffret: "EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability"

Previous message: hubbelyoat_private: "Re: iPlanet Remote File Viewing"
In reply to: Michal Zalewski: "Re: Linux kernels DoSable by file-max limit"
Next in thread: elvat_private: "Re: Linux kernels DoSable by file-max limit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 08, 2002 at 09:30:34PM -0400, Michal Zalewski wrote:
> And they can still most likely bypass your limit by putting something
> smart in their .procmailrc / .forward / .qmail, or in so many other ways.

One could use 'initscript' to plug many of those holes:

INITSCRIPT(5)  Linux System Administrator's Manual  INITSCRIPT(5)

NAME
       initscript - script that executes inittab commands.

SYNOPSIS
       /bin/sh /etc/initscript id runlevels action process

       When  the  shell  script  /etc/initscript is present, init
       will use it to execute the commands  from  inittab.   This
       script  can  be  used  to set things like ulimit and umask
       default values for every process.

Next message: Marc Maiffret: "EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability"
Previous message: hubbelyoat_private: "Re: iPlanet Remote File Viewing"
In reply to: Michal Zalewski: "Re: Linux kernels DoSable by file-max limit"
Next in thread: elvat_private: "Re: Linux kernels DoSable by file-max limit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 16:29:48 PDT