bitmaps in srv_lsa_hnd.c
Tim Potter
tpot at linuxcare.com.au
Mon Oct 9 03:36:56 GMT 2000
Gerald Carter writes:
> The only purpose of bmap that I see is to prevent us
> from allocating more than MAX_OPEN_POLS at any given time
> for an smbd. If I were to guess, this to prevent a DoS
> attack where a client exhausts the server by opening
> LSA policy handles and never closing them?
You'll still get a DoS attack of sorts, as opening 64 handles
without closing them would prevent other people from opening more
handles for legitmate purposes.
A better idea would be to start discarding open handles on a LRU
basis so that a request for a new handle always succeeds.
Regards,
Tim.
More information about the samba-technical
mailing list