On Wed, 16 Oct 2002, Jamie - i-Dot wrote: > I would like to lock down a few users aswell, who run some perl scripts, > which have the 'potential' to be used to resource starve the box...
yup, it only takes one malicious or simply clueless cgi user to DoS your box. it is very simple. it's a wonder it doesn't happen all the time (deducing from a singular lack of posts on Cobalt lists on this subject). or perhaps this is what all those unsolved "box suddenly stops responding" posts are. unless you happen to watch top at the same time you'd never catch the user. cgiwrap has resource limiting capabilities. it would make a lot of sense to use them. unfortunately, it looks like rlimit support was not enabled on the Cobalt install of cgiwrap. if anyone has successfully recompiled cgiwrap, without breaking anything, pointers would be most welcome. rgds, netcat _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
