Re: PTY DOS vulnerability?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Ron Cohen: "kernel panic at high cpu utils"
• Previous message: Valdis.Kletnieks@vt.edu: "Re: Dell vs. GPL"
• In reply to: Alan Cox: "Re: PTY DOS vulnerability?"
• Next in thread: Alan Cox: "Re: PTY DOS vulnerability?"

On Monday 30 June 2003 19:55, Alan Cox wrote:
> On Llu, 2003-06-30 at 15:18, Fredrik Tolf wrote:
> > Shouldn't PTYs be a per-user resource limit?
>
> It depends to what degree you consider your users hostile. But
> yes its possibly one of the things to do per user counting on.

It isn't necessarily an entitled user; see below. But even if it
is, I think it should be able to limit it, just as it is
possible to put a limit on processes.

On Monday 30 June 2003 17:52, Marcelo Bezerra wrote:
> On Mon, 2003-06-30 at 11:18, Fredrik Tolf wrote:
> > Shouldn't PTYs be a per-user resource limit?
>
> This would help, but not solve.
>
> Once he roots your box, he can easly change the script to
> setuid each uid possible and request all ptys it can.
>
> Or he could run it as root, without the limit.

That is provided that he is able to root the system. Take for
example Apache, a program that is relatively often cracked. It,
as many other programs, doesn't run as root. If the attacker
could tie up all PTYs, though, he could go on his business
(extracting confidential information, subnet scanning, etc.)
without root being able to log in to stop him. Instead, the
admimistrator might have to call the datacenter to get them to
reboot the box.
Of course, if the attacker is able to root the box, it doesn't
help very with a resource limit, but that's more of an issue for
the grsecurity project, isn't it?

On Monday 30 June 2003 16:24, Mark Hahn wrote:
> pty's are not required for ssh activity, though they would
> make it tricker.

That is true, though, of course. Stupid me not to think about
that. However, that means that an administrator who could find
himself being under such an attack might not think about it
either. Also, from the outside, the ssh client just does
nothing, making it look as if the server is unresponsive. Of
course, the exact error is logged to the server's syslog, but if
you can't view it, then you won't know about it.

So all in all, do you think I should implement a per-user
resource limit on PTYs?

Fredrik Tolf

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Ron Cohen: "kernel panic at high cpu utils"
• Previous message: Valdis.Kletnieks@vt.edu: "Re: Dell vs. GPL"
• In reply to: Alan Cox: "Re: PTY DOS vulnerability?"
• Next in thread: Alan Cox: "Re: PTY DOS vulnerability?"