On Thu, Nov 25, 1999 at 07:09:47PM +1100, Brian May wrote: > ps -auwx | grep ircd # get PID of ircd, assume it is 50 > > kill 50 # denial of service attack > > kill -9 50 # worse then above(?) Depending on the circumstances, that might be an acceptible risk. A DOS on a minor part of the system is, IMHO, better than the administrative nightmare of wanton uid proliferation. (Especially given that trying to prevent all DOS's is a losing battle anyway.) > strace -p 50 # view everything IRC does including > any passwords that it may get. Different case. If it needs passwords it's going to need a higher level of privilage than a dumb service like (e.g.) echo. It's worth asking whether a service needs something special before it's given out. (Trying to get it back's nearly impossible.) -- Mike Stone
Attachment:
pgpzrIyvE5iYl.pgp
Description: PGP signature