1 |
On Tue, 29 Jun 2010 15:40:10 +0800 |
2 |
Pavel Labushev <p.labushev@×××××.com> wrote: |
3 |
|
4 |
> 27.06.2010 10:50, klondike пишет: |
5 |
> |
6 |
> > Updated that too, I also commented that a small edit of the patch could |
7 |
> > also be valid to add the SIGSEGV signal to those controlled. |
8 |
> |
9 |
> OK, but this part brings some degree of uncertainty: |
10 |
> |
11 |
> "though if you do, your system would be prone to a DOS attack if any of |
12 |
> your forking daemons has a memory bug." |
13 |
> |
14 |
> ... It sounds like if you have a single buggy daemon, it would make the |
15 |
> _whole_ system be prone to a DoS attack, while it's just the daemon |
16 |
> itself becomes at risk. Maybe change it to: "though if you do, and if |
17 |
> any of your forking daemons has a memory bug, that daemon would be prone |
18 |
> to a DOS attack ."? |
19 |
> |
20 |
|
21 |
Or say that the daemon would open the system up to an DoS attack utilizing that |
22 |
daemon. |
23 |
Because if one daemon is susceptible to an DoS, it does mean that the system is |
24 |
susceptible to an DoS because that daemon resides on that system. |
25 |
|
26 |
-- |
27 |
Kind regards |
28 |
Daniel Kuehn |