:I just thought of a bad thing. If you allowed the counters to be zero'd
:(or advanced) at securelevel == 3, then a 'malicious user' could write a
:cronjob to continually reset them and cause a DoS attack on the system
:(or in the case of advance, reset them to ridiculously high values),
:thus filling up the disk.
:
:However, one could argue that *IF* they have root, they could just as
:easily fill the disk with garbage and cause the same attack, ie;
:
:# dd if=/dev/zero of=/var/log/misc
The hacker w/ root would have to be a complete bozo to write a cron job
or loop to clear the ipfw counters rather then do something else that
really blows the machine away! It isn't a scenario that fills me with
fear.
-Matt
To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-hackers" in the body of the message
