Re: PTY DOS vulnerability?

From: Jesse Pollard (
Date: Wed Jul 02 2003 - 20:14:36 EST

On Tuesday 01 July 2003 14:53, Helge Hafting wrote:
> On Tue, Jul 01, 2003 at 06:57:49AM -0500, Jesse Pollard wrote:
> > One problem is that ptys are not just "used by the user". Every terminal
> > window opened uses a pty. As does a network connection.
> >
> > As does "expect" - which is less visible to the user since it is intended
> > to be invisible.
> >
> > The real question is "how many PTYs should a single user have?"
> > Which then prompts the question "How many concurrent users should there
> > be?"
> >
> > second, just providing a user limit doesn't prevent a denial of service..
> > Just have more connections than ptys and you are in the same situation.
> Isn't this something a improved sshd could do? I.e. if the
> connection using up the last (or one of the last) pty's logs
> in as non-root - just kill it.

and how is it to determine that it is the last?

try two and die if the second fails???

at least one system just creates more ptys...
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Mon Jul 07 2003 - 22:00:18 EST