Julien Plissonneau Duquène, le mar. 21 janv. 2025 11:24:31 +0100, a ecrit: > Le 2025-01-20 21:21, Sam Hartman a écrit : > > One of the issues is HOST_NAME_MAX in modules/pam_xauth/pam_xauth.c. > > It doesn't make much sense to allow arbitrarily long host names. I'm more > reserved for path names as there are (arguably pathological) use cases where > any fixed limit could be reached. > > I think that a satisfactory way to deal with some security issues (let's > call them "name bombs") would be for HURD to implement limits
It already does so. It just doesn't expose them in the API, so they can be raised if need be. Samuel
