On Wed, Oct 26, 2016 at 11:42 AM, Dag-Erling Smørgrav <[email protected]> wrote: > CeDeROM <[email protected]> writes: >> Robert N. M. Watson <[email protected]> writes: >> > In general, my strong recommendation is against issuing advisories >> > for local denial-of-service attacks, (..) >> I would prefer to get that information regardless of individual >> preferences. > > It's not a matter of individual preference. During my time as so@ (and > Simon's before me), this was an explicit policy. The reason is that, as > Robert points out, there are a million ways for a trusted unprivileged > user to cause a DoS, and most of them aren't even bugs. Some of them > can be mitigated using quotas or resource limits, but far from all.
Maybe a dedicated place/list for those..? That would be also good source of recommendations on how to protect a system.. something like CIS Benchmarks? :-) -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
