slackware-current/source/n/inetd/inetd.loopingdos.diff

55 lines
1.6 KiB
Diff
Raw Normal View History

--- ./inetd.c.orig 2003-09-06 15:08:41.000000000 -0700
+++ ./inetd.c 2003-09-06 16:26:24.000000000 -0700
@@ -171,7 +171,8 @@
#include <rpcsvc/nfs_prot.h>
#include "pathnames.h"
-#define TOOMANY 256 /* don't start more than TOOMANY */
+#define TOOMANY 0 /* don't start more than TOOMANY */
+ /* zero disables this stupid "feature" */
#define CNT_INTVL 60 /* servers in CNT_INTVL sec. */
#define RETRYTIME (60*10) /* retry after bind or server fail */
@@ -365,7 +366,7 @@
int val;
val = strtoul(optarg, &p, 0);
- if (val >= 1 && *p == (char) NULL) {
+ if (val >= 0 && *p == (char) NULL) {
toomany = val;
break;
}
@@ -546,7 +547,7 @@
if (dofork) {
if (sep->se_count++ == 0)
(void)gettimeofday(&sep->se_time, NULL);
- else if (sep->se_count >= sep->se_max) {
+ else if (toomany > 0 && sep->se_count >= sep->se_max) {
struct timeval now;
(void)gettimeofday(&now, NULL);
--- ./inetd.8.orig 2003-09-06 16:26:50.000000000 -0700
+++ ./inetd.8 2003-09-06 16:30:27.000000000 -0700
@@ -68,7 +68,8 @@
Turns on debugging.
.It Fl R Ar rate
Specify the maximum number of times a service can be invoked
-in one minute; the default is 256.
+in one minute; the default is unlimited. A rate of 0 allows an
+unlimited number of invocations.
.El
.Pp
Upon execution,
@@ -249,9 +250,8 @@
spawned from
.Nm inetd
within an interval of 60 seconds.
-When omitted,
-.Dq max
-defaults to 256.
+The default is unlimited (setting a limit may actually make it easier for
+an attacker to create a denial-of-service, and is not recommended).
.Pp
Stream servers are usually marked as
.Dq nowait