[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] FTPD DoS

Subject: Re: [cobalt-security] FTPD DoS
From: John Bailey <support@xxxxxxxxxxxxxxxxxxxxxx>
Date: Sat, 17 Mar 2001 18:17:22 +0000 (GMT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> Well, hopefully your users wouldn't crash the RaQ on purpose.  There's
> millions of ways to crash Linux at any rate, mostly due to lack of
> process restrictions in the Linux kernel.

PAM can used to implement process number (and other) limits in the Linux
Kernel.  Take a look at

http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.12

for more details.  This can certainly be used to prevent fork-bombs and
the like.

> All reproducable via PHP/Perl etc...

PHP does have some facilities to prevent users doing nasty things.  Take a
look at the 'disable_function', 'max_execution_time' and 'memory_limit'
configuration directives for good examples.

Regards,

John

Prev by Date: Re: [cobalt-security] FTPD DoS
Next by Date: Re: [cobalt-security] FTPD DoS
Previous by thread: Re: [cobalt-security] Open letter to SUN/Cobalt
Next by thread: Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index