CeDeROM
2016-Oct-26 10:03 UTC
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
On Wed, Oct 26, 2016 at 11:42 AM, Dag-Erling Sm?rgrav <des at des.no> wrote:> CeDeROM <cederom at tlen.pl> writes: >> Robert N. M. Watson <rwatson at freebsd.org> writes: >> > In general, my strong recommendation is against issuing advisories >> > for local denial-of-service attacks, (..) >> I would prefer to get that information regardless of individual >> preferences. > > It's not a matter of individual preference. During my time as so@ (and > Simon's before me), this was an explicit policy. The reason is that, as > Robert points out, there are a million ways for a trusted unprivileged > user to cause a DoS, and most of them aren't even bugs. Some of them > can be mitigated using quotas or resource limits, but far from all.Maybe a dedicated place/list for those..? That would be also good source of recommendations on how to protect a system.. something like CIS Benchmarks? :-) -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
Dag-Erling Smørgrav
2016-Oct-26 11:28 UTC
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
CeDeROM <cederom at tlen.pl> writes:> Dag-Erling Sm?rgrav <des at des.no> writes: > > [...] there are a million ways for a trusted unprivileged user to > > cause a DoS, and most of them aren't even bugs. Some of them can be > > mitigated using quotas or resource limits, but far from all. > Maybe a dedicated place/list for those..?That's like asking for a list of ways you can hurt yourself in your own home. I could list a hundred, and there would still be thousands more I didn't think of. DES -- Dag-Erling Sm?rgrav - des at des.no