Hi :)
On Sun, 9 Jan 2000, Khimenko Victor wrote:
> AC> I know no single Unix like OS I can't bring down if I dont have resource limiting.
> AC> Also for that matter Ive yet to meet one I can't kill even with resource limiting
> AC> in place.
> Hmm. Perhaps... On other hand Sebastian saying:
> -- cut --
> Oh, I didn't knew that. I know that this is no common malloc() bomb
> problem, and we haven't heard about it, so we want to make it public, even
> if it is known to the kernel developers. A bit pressure to the admins side
> could not be wrong to use resource limits.
>
> Btw, any BSD we tried on doesn't suffer from this or similar problems.
> -- cut --
> Who is on drugs ?
Uhm. I don't like if private emails of mine get pasted to a mailing list
totally out-of-context :).
Well my point was, I believe in both, full-non-disclosure (keeping
something to just yourself or to a very small group) or full-disclosure
(sharing it with everyone at the same time).
The point now is, that many Linux distributions ship with no resource
limitations activated by default, and a lot of administrators don't know
about them or how to enable them. By raising public attention to this
problem you bring many administrators to raise the barrier by enforcing
resource limits, which is good.
Creating this pressure is often seen in a bad way by both developers
("we developers want to be notified first to fix it") or by companies,
of which some ignore security issues until enforced by customers to fix
them (hi bill).
However, I think of this pressure as a necessary thing, and that was
what I meant in the mail to Khimenko.
On the other hand, Unix wasn't build for DoS-users, and I'm sure Alan is
able to crash mostly anything. But using resource limits anyway is a good
thing and any admin should use them.
I can't think of what is bad about saying this.
Btw, I'm not on any drugs, promised. :-)
Another thing which Khimenko "accused" me of was that this has been
known on the kernel mailing list for ages. I remember on our first
advisory that the TCP spoofing vulnerability in Linux <= 2.2.12 kernels
was known to the developers also, but no one outside the mailing list ever
noticed it, if we wouldn't have published an advisory about it (we found
it independently though), no one would know it today. So please don't
blame me that I cannot read 250++ mails per day just to ensure we don't
release something already known to some people.
regards,
scut of teso
-- - scut@nb.in-berlin.de - http://nb.in-berlin.de/scut/ - sacbuctd@ircnet -- -- you don't need a lot of people to be great, you need a few great to be -- -- the best ----------------------------------------------------------------- --- nuclear arrival weapon spy agent remain undercover, hi echelon ----------- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Jan 15 2000 - 21:00:14 EST