On Tue, 2002-02-05 at 07:43, Guillaume Cottenceau wrote: > Bryan Paxton <[EMAIL PROTECTED]> writes: > > > [...] > > > > alemaire, as maintainer of gawk, do you have any thought? > > > > I missed this reply, so what is the status? > > He's official maintainer but apparently he doesn't care about his > packages. I'll have to have a look at that. > > > [...] > > > Your point (if you were trying to make one) is moot. > > Well I don't think so, it's obvious that with default > configuration a normal user (with a login) can DoS a machine very > easily.
Right, naturally, thus the need for reinforcement in default configuration. The reply you sent out regarding all the ulimit calls, I do think that is a bit much for your average user, but something along the lines of that. And like saying in the other email, msec already adds a few lines to PAM config (easier way of what you were doing with the ulimit). However, that can be circumvented... But, getting that configuration in the default config and in all the msec levels is a step in the right direction. My hope for GNU/Linux Mandrake is that it's not only easy to use, but it's also pretty secure in comparison to other distros. (which all this reminds me of something else I need to tend to : p) > > > but.. > > 1. There is a nasty bug in gawk > > 2. This bug can be used to consume resources || reach 100% CPU usage > > 3. This bug can trigger the above > > 4. There is a nasty bug in gawk > > 5. There is a nasty bug in gawk > > 6. Did I mention that's a pretty nasty bug? > > I'll have a look. > Sweet : ) Cheers -- Bryan Paxton Public PGP key: http://www.deadhorse.net/bpaxton.gpg "What laughter, why joy, when constantly aflame? Enveloped in darkness, don't you look for a lamp?" Dhp. 163
