Jan Klemkow <[email protected]> wrote: > On Tue, Dec 15, 2020 at 03:43:38PM -0700, Theo de Raadt wrote: > > Jan Klemkow <[email protected]> wrote: > > > > > for frequent performance test it would be nice to just start tcpbench > > > as a regular service. tcpbench gets an extra user and group with this > > > diff and is already pledged to "stdio". Thus, there should be no > > > security risk to do this even in hostile environments. > > > > You're kidding me. If someone starts this in a hostile environment, their > > network/host will be flattened. > > You are right, someone can use this, to flood a link. But, you can > flood someones link with traffic anyway, as botnets do it, or?
It is not the same at all, because tcpbench will attempt to flow maximum traffic in both directions. No other service has that behaviour.
