On Fri, Mar 18, 2005 at 02:24:56PM -0500, Scot L. Harris wrote: > This is the wrong approach. A user level account should not be allowed > to consume resources to the point that the whole system crashes. man ulimit sysadmins are responsible for setting these limits as they are per-site values that make no sense globally. > Per the article, this is an old trick that was fixed in many different > versions of Unix. There should be limits on the resources a user > process can request man ulimit > Similar limit is placed on a user allocating disk space. again, the tools are there, use them. If Fedora shipped with every single configuration having a quota enforced, a lot people would go nuts. It doesn't make sense everywhere. > While this is not an exploit that results in root level access it is a > denial of service that could be used by anyone that achieves user level > access to a system. And users should never be trusted. They will find > some way to mess things up. :) man ulimit. This is a complete non-issue, that gets blown out of all proportion every single time it comes up. Usually at the beginning of each academic year. Dave
