[OLPC Security] Please read the spec and the discussion first, thanks.

Carl-Daniel Hailfinger c-d.hailfinger.devel.2006 at gmx.net
Mon Dec 3 22:58:06 EST 2007


On 01.12.2007 07:55, Albert Cahalan wrote:
> Marcus Leech writes:
>   
>> Adric Net wrote:
>>     
>>> Similarly, discussion of spamming is hopefully mitigated by the
>>> default network rate limiting and cpu usage limiting of the platform.
>>> If you see weakness in this plan that are not already discussed,
>>> please share. Or submit patches :)
>>>       
>> Network rate limiting likely requires kernel patches that need lots
>> of deep thought before implementing.
>>     
>
> Right. It's a good thing somebody did that years ago. :-)
> (not that I think this is a critical thing to limit)
>
> Use the iptables command. Match on UID. You have a number of choices
> here. The ones that look interesting are:
>   

AFAIK Netfilter UID matching has been deprecated and/or removed from
mainline kernels.

Regards,
Carl-Daniel


More information about the Security mailing list