Thus spake Sheldon Hearn <sheldonhstarjuice.net>:
> On (2002/11/21 15:29), Mike Silbersack wrote:
>
> > HOWEVER, we're in a code freeze leading up to 5.0-release, and local DoSes
> > aren't a critical bug.
>
> Is that the official FreeBSD SO team viewpoint on local DoS
> vulnerabilities?

DoS attacks are incredibly hard to address in general, and I have
yet to see a multiuser system that isn't vulnerable to at least
several of them. Given that FreeBSD has always been
``vulnerable'' to file table exhaustion, waiting a few weeks isn't
going to be the end of the world[1]. My favorite example of a
local DoS attack is:

        while (1)
                mkdir t && cd t

I ``discovered'' this one about a year ago, then found that Dennis
Ritchie had pointed it out in the early 1970's. It reliably
crashes most systems, often causing massive filesystem corruption.
Until someone fixes the scores of known DoS attacks that already
exist, I'm not willing to consider any particular attack to be
high-priority.

[1] These days, the size limit on the file table is administrative
        anyway, since the table is a hash table. Of course, it doesn't
        auto-resize if you grow it by an order of magnitude at runtime.

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]