Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-11-18 Thread SPASTIC Member
127.0.0.1 is just another interface. All possible errors can happen. Imagine a server where the load is high enough that other processes don't get to run much... they write to localhost, expecting what's on the other end to get it, but the localhost interface buffers overflow. Or the

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-11-18 Thread Ben Laurie
SPASTIC Member wrote: 127.0.0.1 is just another interface. All possible errors can happen. Imagine a server where the load is high enough that other processes don't get to run much... they write to localhost, expecting what's on the other end to get it, but the localhost interface buffers

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-11-18 Thread Ralf S. Engelschall
On Wed, Nov 18, 1998, Ben Laurie wrote: [...] My $0.02, if it's worth anything. But if that's the way you code Apache-SSL, I'm very glad my friend pointed me to mod_ssl. If you want to use a system where programming errors are "corrected" by removing the assertions that reveal them,

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-11-18 Thread Ben Laurie
Ralf S. Engelschall wrote: On Wed, Nov 18, 1998, Ben Laurie wrote: [...] My $0.02, if it's worth anything. But if that's the way you code Apache-SSL, I'm very glad my friend pointed me to mod_ssl. If you want to use a system where programming errors are "corrected" by removing

Re: [apache-ssl] Assertions considered bad!? (was: Re:[apache-ssl] Invalid method in request)

1998-11-01 Thread Marc Slemko
On Sat, 31 Oct 1998, Ben Laurie wrote: Ah, I also forgot to mention that an attacker with the ability to talk to gcache can completely screw you with just legitimate messages - by poisoning your cache. They can presumably also get access to session keys. So, if anyone can talk to gcache

Re: [apache-ssl] Assertions considered bad!? (was: Re:[apache-ssl] Invalid method in request)

1998-11-01 Thread Marc Slemko
On Sat, 31 Oct 1998, Ben Laurie wrote: This is far too general a criterion. Some kinds of I/O are completely deterministic (given correct code). I agree that to assert on user input is not a brilliant idea, but on a tightly linked client/server pair, it seems to me no different to asserting

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-11-01 Thread Ben Laurie
Marc Slemko wrote: On Sat, 31 Oct 1998, Ben Laurie wrote: Ah, I also forgot to mention that an attacker with the ability to talk to gcache can completely screw you with just legitimate messages - by poisoning your cache. They can presumably also get access to session keys. So, if

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-11-01 Thread Ralf S. Engelschall
On Sat, Oct 31, 1998, Ben Laurie wrote: [...] While you may think that the only way to run a SSL server is where no one can login, no users can run any programs on it, etc. in the real world that isn't always possible. I have to say that my main interest is in secure servers. If people

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-11-01 Thread Ben Laurie
Ralf S. Engelschall wrote: On Sat, Oct 31, 1998, Ben Laurie wrote: [...] While you may think that the only way to run a SSL server is where no one can login, no users can run any programs on it, etc. in the real world that isn't always possible. I have to say that my main

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-10-31 Thread Ben Laurie
Ralf S. Engelschall wrote: And now I ask me why _isn't_ this better? I don't understand it, Ben. IMHO this non-assertion way _is_ better, because it prevents the system from being dropped down (kind of DoS) by a local attacker I'm happy to admit that it is a marginal improvement wrt a

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-10-31 Thread Ralf S. Engelschall
On Fri, Oct 30, 1998, Ben Laurie wrote: Ralf S. Engelschall wrote: And now I ask me why _isn't_ this better? I don't understand it, Ben. IMHO this non-assertion way _is_ better, because it prevents the system from being dropped down (kind of DoS) by a local attacker I'm happy to

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-10-31 Thread Ben Laurie
Ah, I also forgot to mention that an attacker with the ability to talk to gcache can completely screw you with just legitimate messages - by poisoning your cache. They can presumably also get access to session keys. So, if anyone can talk to gcache apart from Apache-SSL, you've had it anyway.

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-10-31 Thread Ralf S. Engelschall
On Sat, Oct 31, 1998, Ben Laurie wrote: Ralf S. Engelschall wrote: H??? Do you mean it cannot occur in practice? Or do I misunderstand you here. As I said: We not even need an attacker: When an I/O read error occurs for gcache it already falls down. So the DoS attacker is just the

Re: [apache-ssl] Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-10-31 Thread Ralf S. Engelschall
On Sat, Oct 31, 1998, Ben Laurie wrote: Ah, I also forgot to mention that an attacker with the ability to talk to gcache can completely screw you with just legitimate messages - by poisoning your cache. They can presumably also get access to session keys. So, if anyone can talk to gcache

Assertions considered bad!? (was: Re: [apache-ssl] Invalid method in request)

1998-10-30 Thread Ralf S. Engelschall
In article [EMAIL PROTECTED] you wrote: [...an interesting discussion on the apache-ssl list with Ben Laurie whether assertions in server code are reasonable or not...] The discussion is pointless unless you can indicate a way in which it makes Apache-SSL function incorrectly. How about

Re: [apache-ssl] Assertions considered bad!? (was: Re:[apache-ssl] Invalid method in request)

1998-10-30 Thread Marc Slemko
On Fri, 30 Oct 1998, Ralf S. Engelschall wrote: So on a typical system an attacker who gained access to _any_ account (not necessarily the UID of the httpd or the gcache process) can simply drop down gcache and this way all httpds by just sending garbage to the gcache port. What does