Log analysis program running under apache reboots server!

Mon, 13 Nov 2000 10:48:54 -0800 

Greetings all.. 

  I have been trying to test an apache log analizing program called Nettracker
 (wwww.sane.com) the program seems nice except for the fact that it keeps
 rebooting/crashing the server. This would just be labeled crappy software
 except for the fact that I am running the software as user apache and have
setup process limits in login.conf and it is still able to reboot the server.
 
  This seems like a real problem and security issue as I have setup limits in
 /etc/login.conf (see below) and the program is being run via CGI as user
 apache, yet it is still capable of rebooting the system. Seems like a nice
 hack
 to me.
 
  If anyone could check over my  login.conf settings below and make sure they
 are
 correct/ truly usefull, I would really appreciate it! Also any information on
 how this program could so easily reboot the server would be nice too.
 
   Thanks!!
 
 
    Nicole
 
 System is 4.1-STABLE and has 256 Megs of memory and 4X that of swap.
 
 apacheuser:\
         :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\
         :cputime=4h:\
         :datasize=64M:\
         :stacksize=4M:\
         :filesize=infinity:\
         :memoryuse=64M:\
         :priority=0:\
        :datasize-cur=32M:\
        :stacksize-cur=32M:\
        :coredumpsize-cur=0:\
        :maxmemorysize-cur=64M:\
        :memorylocked=32M:\
        :maxproc=128:\
        :openfiles=256:\
         :tc=standard:
 
## standard - standard user defaults
##
 standard:\
         :copyright=/etc/COPYRIGHT:\
         :welcome=/etc/motd:\
         :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
         :path=~/bin /bin /usr/bin /usr/local/bin:\
         :manpath=/usr/share/man /usr/local/man:\
         :nologin=/var/run/nologin:\
         :cputime=1h30m:\
         :datasize=8M:\
         :stacksize=2M:\
         :memorylocked=4M:\
         :memoryuse=8M:\
         :filesize=8M:\
         :coredumpsize=8M:\
         :openfiles=24:\
         :maxproc=32:\
         :priority=0:\
         :requirehome:\
         :passwordtime=90d:\
         :umask=002:\
         :ignoretime@:\
         :tc=default:
 
 default:\
         :cputime=infinity:\
         :datasize-cur=22M:\
         :stacksize-cur=8M:\
         :memorylocked-cur=10M:\
         :memoryuse-cur=30M:\
         :filesize=infinity:\
         :coredumpsize=infinity:\
         :maxproc-cur=64:\
         :openfiles-cur=64:\
         :priority=0:\
         :requirehome@:\
         :umask=022:\
 
 



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Reply via email to