On Fri, Aug 19, 2005 at 11:23:56AM -0400, Mike Tancsa wrote: +> At 12:20 PM 18/08/2005, Pawel Jakub Dawidek wrote: +> >+> +> >+> It probably worth a security advisory. +> >It's only a local DoS on systems with crypto HW and /dev/crypto. +> >Note that /dev/crypto is not needed for fast_ipsec(4) with HW +> >acceleration, nor for geli(8). +> >Workaround is also very simple: +> > # chmod 600 /dev/crypto +> +> FYI, +> I have been running with the patch on a RELENG_4 box and it prevents the DoS [...] +> Any chance to MFC it back to RELENG_4 ? Done. -- Pawel Jakub Dawidek http://www.wheel.pl pjd_at_FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am!
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:41 UTC