Re: [Dproxy-devel] dproxy-nexgen and userid
Brought to you by:
mattpratt
Menu
▾
▴
Re: [Dproxy-devel] dproxy-nexgen and userid
|
From: Matthew P. <mat...@ya...> - 2000-05-26 02:11:28
|
Vesala Teemu wrote: > > Maybe I should aswer to myself: > > I was running dproxy with id 'nobody' yesterday and it ran fine. setuid(2) > was ran after bind, and cache file was set for 'nobody' by hands. I'm > planning to create much nicer system than the 'dirty' hack I made > yesterday. > > Teemu =) > Yes my bad. This was in dproxy-0.5 and I forgot to move it over to nexgen. And on the security note, I was considering writing a program that spurted random junk into the dproxy input port so we can see if we can overflow anything and get it to crash. Not an exhustive test my any means, but better than nothing. Lastly, I dont think I put a bound on how man DNS request can be waiting in the queue, and so an attacker could flood your box with bogus requests, and use all your RAM up. This will need to be fixed. Cheers, Matty |
