On Mon, 16 Feb 2004, 15:07+0100, Pawel Jakub Dawidek wrote: > On Mon, Feb 16, 2004 at 04:47:25PM +0300, Maxim Konovalov wrote: > +> > If there is no objections I'm going to commit it tomorrow. > +> > +> What I really do not understand why we do not leak in non-jail > +> environment? > > I'm sure we are, this is just hard to check, because we don't have > list with allocated 'cred' structures. > > But try to do your test without a jail and track 2nd column in: > > # sysctl kern.malloc | grep cred > > Number of objects grows when I'm killing daemon while connection > exists. I'm wondering if this cannot be used to some DoS attack. Can't reproduce: $ vmstat -m | grep cred cred 38 5K 5K 22714 128 [ serveral nc & telnet tests I port early in non-jail environment ] $ vmstat -m | grep cred cred 38 5K 5K 22833 128 [ same tests in jail ] $ vmstat -m | grep cred cred 42 6K 6K 23034 128 $ jls JID IP Address Hostname Path 4 127.0.0.1 j / 3 127.0.0.1 j / 2 127.0.0.1 j / 1 127.0.0.1 j / -- Maxim KonovalovReceived on Mon Feb 16 2004 - 06:12:21 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:43 UTC