On Fri, 27 Aug 1999, L. Sassaman wrote:
> This was first posted to the FreeBSD security list on the 9th of August,
> subsequently discussed on freebsd-stable and freebsd-hackers... no one
> seems to care, even though it is able to lock up 2.2.6, 2.2.8, and 3.2.x
> machines consistantly. I have also been told that it affects NetBSD and
> OpenBSD, though I haven't confirmed it.
Standard resource drain DoS..
> Someone with the know-how care to fix?
man login.conf
login.conf on *BSDs can be used to set resource limits for users,
CPUtime, memory locked etc etc...
I removed my limits on a user and was able to overload my machine (BSDI
4.0), after putting my limits back on there is no problem..
Anyone that is not using a login.conf or other type of resource
restriction is asking for punishment..
More of a 'bug' in the setup / configuration of the system on the admin's
part, not on the OS if you ask me..
my $.02 deposited..
cheers,
--
jason
