Everything said to this point is very good...
>
> A typical attack vector, however, for 1000+ account sites is a
> compromised account. You can assume at least 5 per 1000 accounts are
> compromised or have easily guessable passwords. Those will not heed your
> policy forms whatever you
Hello!
On Thu, Oct 20, 2005 at 11:01:55PM +0200, Jesper Louis Andersen wrote:
>[... what looks like good advice ...]
>A typical attack vector, however, for 1000+ account sites is a
>compromised account. You can assume at least 5 per 1000 accounts are
>compromised or have easily guessable passwo
Will H. Backman wrote:
Turning this into a learning experience: Does anyone have any hints or
advice about hardening OpenBSD for shell accounts. Do people tweak
things other than the login.conf settings? I have to deal with student
shell accounts where students are learning to program and oft
> > To clarify, if you limit someone's ram use to a certain point, or
> > CPU use to a certain point, it will slow down compiling due to
> > having less resources :) As I said though - I may be wrong on
> > this one.
>
> Yes, that would be the idea of limiting resources. If I am given the ability
> Yes, that would be the idea of limiting resources. If I am
> given the ability to use 99% of the CPU compiling software,
> how is that different than me running a fork bomb and doing the same?
In essanse I suppose it isn't - but if your (as in my case) selling shells,
compiling is legitimate,
From: Wolfpaw - Dale Corse [mailto:[EMAIL PROTECTED]
> > On 10/19/05, Wolfpaw - Dale Corse <[EMAIL PROTECTED]> wrote:
> > > quickly. I try not to use limits, because it slows
> > compiling to crap
> > > :(
> >
> > this makes no sense whatsoever.
>
> To clarify, if you limit someone's ram use
> On 10/19/05, Wolfpaw - Dale Corse <[EMAIL PROTECTED]> wrote:
> > quickly. I try not to use limits, because it slows
> compiling to crap
> > :(
>
> this makes no sense whatsoever.
To clarify, if you limit someone's ram use to a certain point, or
CPU use to a certain point, it will slow down
On 10/19/05, Wolfpaw - Dale Corse <[EMAIL PROTECTED]> wrote:
> quickly. I try not to use limits, because it slows compiling to crap :(
this makes no sense whatsoever.
> Turning this into a learning experience: Does anyone have any hints or
> advice about hardening OpenBSD for shell accounts. Do people tweak
> things other than the login.conf settings? I have to deal with student
> shell accounts where students are learning to program and often create
> proble
> Turning this into a learning experience: Does anyone have
> any hints or advice about hardening OpenBSD for shell
> accounts. Do people tweak things other than the login.conf
> settings? I have to deal with student shell accounts where
> students are learning to program and often create pr
> If you can port it, you can also use it on your own box, so
> where is the problem?
No problem there.. Actually looking at the couple of functions I need
here to see how difficult to integrate they would be.
> login.conf (5)
>
> > Problem comes into play when a user starts say .. 50
> > Copie
On Wednesday, October 19, "Will H. Backman" wrote:
>
> Turning this into a learning experience: Does anyone have any hints or
> advice about hardening OpenBSD for shell accounts. Do people tweak
> things other than the login.conf settings? I have to deal with student
> shell accounts where stud
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
> knitti
> Sent: Wednesday, October 19, 2005 5:23 AM
> To: Wolfpaw - Dale Corse
> Cc: misc@openbsd.org
> Subject: Re: Guruness (was the bug report thread)
>
> On 10/19/05, Wolfpaw - Dale Corse <[EMAIL PRO
13 matches
Mail list logo
