Has someone considered PTYs as a possible attack vector for DOS
attacks? Correct me if I'm wrong, but cannot someone just open
all available PTYs on a console-less server and make everyone
unable to log in?
I mean, what if eg. apache is hacked, and the first thing the
attacker does is to tie up all PTYs, so that noone can log in to
correct the situation while the attacker can go about his
business? Then the only possible solution would be to reboot the
server, which might very well not be desirable.
If you want proof of concept code, look at
I successfully ran this on one of my servers which effectively
disabled anyone from logging in via SSH.
Shouldn't PTYs be a per-user resource limit?
Someone must have thought of this before me, right? How am I
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to email@example.com
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jun 30 2003 - 22:00:33 EST