[cgiwrap-users] Is --with-rlimit-nproc= going to help?
Brought to you by:
nneul
Menu
▾
▴
[cgiwrap-users] Is --with-rlimit-nproc= going to help?
|
From: Tuc <tu...@tt...> - 2001-11-27 23:52:21
|
Hi, We are running into a problem with hackers. They beat the crap out of a specific CGI trying to get it to release information it shouldn't. In the matter of seconds its gotten a system up to a load average of 200, taking 20 minutes to telnet into it. This is also after we have instituted a program that once the load average is over 12 (It runs every 2 minutes) it will chmod 000 the cgi! Its currently wrapped by an older copy of cgiwrap (3.6.4). Its compiled with : ./configure --with-perl=/usr/local/bin/perl -with-install-dir=/var/www/cgi-bin - -with-cgi-dir='' --with-httpd-user=www --with-logging-syslog='' --with-install-g roup=wheel Is there a way to stop, or atleast curb this insanity? I saw --with-rlimit-nproc=, which I don't quite understand (I'm not a programmer). Does this mean only 32 can run at one time? Was this always the default, since we can easily have more than 32 running. Is there some other items we can tweak to help? I don't know if limiting the CPU seconds works with a default either, since it seems to allow it to have more than 10 (On another machine we have an issue... It has actually let CGI run for HOURS...). Any help/hints/pointers are appreciated. Thanks, Tuc/TTSG Internet Services, Inc. |
