applenty with same.
m2c,
steve
-Original Message-
From: Lee Howard [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 12, 2000 5:08 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: pico can cripple a system
I had a user ftp up a 100MB+ text file and then try opening it with pico.
Well
On Thu, 12 Oct 2000, Statux wrote:
= > That seems like a security hole, to me.
=
= Not really a security hole.. but a major denial of services/resources :)
If someone without specified priviledges is able to bring down a system,
that is very much a security concern.
=
= ...
hth,
kf
--
M
Couldn't you set a memory/cpu limit on user groups?
>I tried it in vi, and it doesn't cause a problem. There would have been at
>least 50M free at the time that pico was invoked.
>
>My concern *isn't* that this file cannot be edited with pico. I couldn't
>care less; I can use vi just fine. Ho
Thomas Ribbrock wrote :
>
> But isn't there a DoS hole under Linux anyway? IIRC anybody who is
> able to use all available memory (incl. swap) can bring the system down,
> as the kernel will start to randomly shut down processes. That was true
> for 2.0.x at least, I don't know whether that was f
On Thu, Oct 12, 2000 at 01:24:11AM -0600, Lee Howard wrote:
> I tried it in vi, and it doesn't cause a problem. There would have been at
> least 50M free at the time that pico was invoked.
>
> My concern *isn't* that this file cannot be edited with pico. I couldn't
> care less; I can use vi jus
Emmanuel Seyman wrote :
>
> I think ulimit is what you're talking about. You can use it to limit
> file sizes, max memory sizes, etc for users. Maw memory size is
> unlimited by default in RedHat (in 6.2 anyways) so that would explain
> pico crashing the system. I'ld like to help more but I can't
Dan Horth a écrit :
>
> I thought that there was a way to limit processor and memory usage -
> similar to the way you limit disk usage with quota... I can't
> remember off-hand and haven't set this up myself... but I do think
> there is a product out there to prevent users thrashing your system..
I thought that there was a way to limit processor and memory usage -
similar to the way you limit disk usage with quota... I can't
remember off-hand and haven't set this up myself... but I do think
there is a product out there to prevent users thrashing your system...
sorry can't be mroe helpf
> That seems like a security hole, to me.
Not really a security hole.. but a major denial of services/resources :)
If pico gets a major overhaul, then so does pine :)
I'm still learnin to use vi.. I like vi.. but it's bizzarre :)
colon this.. colon that ;)
_
Pico could care less what size file it opens or how much cpu time it
takes over. It's just trying to open the file as fast as it can.
Lee Howard wrote:
>
> I tried it in vi, and it doesn't cause a problem. There would have been at
> least 50M free at the time that pico was invoked.
>
> My con
I tried it in vi, and it doesn't cause a problem. There would have been at
least 50M free at the time that pico was invoked.
My concern *isn't* that this file cannot be edited with pico. I couldn't
care less; I can use vi just fine. However, my concern is that an
unpriviledged user was able to
It doesn't matter what editor opened the file, you would have had the
same effect.
Statux wrote:
>
> Did you try the same thing in vi? If not.. don't complain :)
>
> 100MB file.. how much RAM was free before hand? that file's goin right
> into swap no matter what editor you use if you run out o
Did you try the same thing in vi? If not.. don't complain :)
100MB file.. how much RAM was free before hand? that file's goin right
into swap no matter what editor you use if you run out of RAM.
-Statux
On Wed, 11 Oct 2000, Lee Howard wrote:
> I had a user ftp up a 100MB+ text file and then tr
I had a user ftp up a 100MB+ text file and then try opening it with pico.
Well, it brought the system to its knees, and it went unresponsive for
nearly an hour (128MB RAM, 8GB HDD, AMD K6-2/450) until I executed a
'shutdown -r' (and even that took several minutes to initiate).
Now maybe the user
14 matches
Mail list logo