Re: PTY DOS vulnerability?

Alan Cox (alan@lxorguk.ukuu.org.uk)
30 Jun 2003 22:36:34 +0100


On Llu, 2003-06-30 at 22:31, Fredrik Tolf wrote:
> That is true, though, of course. Stupid me not to think about
> that. However, that means that an administrator who could find
> himself being under such an attack might not think about it
> either. Also, from the outside, the ssh client just does
> nothing, making it look as if the server is unresponsive. Of
> course, the exact error is logged to the server's syslog, but if
> you can't view it, then you won't know about it.
>
> So all in all, do you think I should implement a per-user
> resource limit on PTYs?

There are a whole collection of things that would benefit from that kind
of management - go for it but make it possible to add other stuff too

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/