DOS: Clients can freeze other clients smbd
Mattias.Gronlund
Mattias.Gronlund at sa.erisoft.se
Mon Aug 30 20:21:57 GMT 1999
Jeremy Allison wrote:
>
> Mattias.Gronlund wrote:
>
> > A client may freeze until the keepalive timer expires (hours)
> > by not sending the amount of data that smbd expects.
>
> I must confess I have worried in the past about this DOS
> attack.
>
> > This isn't a good thing, I think we should always use
> > read_socket_with_timeout() instead of read_socket so that we
> > never get stuck that long in the first place.
>
> Ok - that sounds reasonable. Do you want to do the patch ?
>
Ok, I'll try. There is more to this, I think that I have to
trace all calls to read_socket_with_timeout() that give a timeout
less than or equal to zero. If I understand this right we shall
never wait without a timeout when waiting on a socket.

> > If there is any interest for this I would like to reimplement
> > read_socket_with_timeout() with alarms instead of select.
>
> Hmmm. Why does this change improve things ? I remember
> debugging one performance problem in the Vantive daemon where
> the cost of doing the system calls to set/unset the alarm and
> attendant signal handler were massively eating CPU.
>
You might be right, I'll just start with the removal of all blocking
socket-calls.
/Mattias