Subject: Re: PTY DOS vulnerability?
From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: Fredrik Tolf <fredrik@dolda2000.cjb.net>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
In-Reply-To: <200306302331.38071.fredrik@dolda2000.cjb.net>
References: <200306301613.11711.fredrik@dolda2000.cjb.net>
	 <1056995729.17590.19.camel@dhcp22.swansea.linux.org.uk>
	 <200306302331.38071.fredrik@dolda2000.cjb.net>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Organization: 
Message-Id: <1057008994.17589.40.camel@dhcp22.swansea.linux.org.uk>
Mime-Version: 1.0
Date: 30 Jun 2003 22:36:34 +0100
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 965
Lines: 20

On Llu, 2003-06-30 at 22:31, Fredrik Tolf wrote:
> That is true, though, of course. Stupid me not to think about 
> that. However, that means that an administrator who could find 
> himself being under such an attack might not think about it 
> either. Also, from the outside, the ssh client just does 
> nothing, making it look as if the server is unresponsive. Of 
> course, the exact error is logged to the server's syslog, but if 
> you can't view it, then you won't know about it.
> 
> So all in all, do you think I should implement a per-user 
> resource limit on PTYs?

There are a whole collection of things that would benefit from that kind
of management - go for it but make it possible to add other stuff too

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/