[OpenAFS] find /afs/ breaking the client?
Jakub Witkowski
jpw@wszib.edu.pl
Sun, 04 Feb 2007 09:53:53 +0100
--=-kBGZ9FivjddEqHzaYvIG
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
Hello,
I just ran into a fairly annoying problem:
One of our students found out, by accident I guess, that running=20
find /afs/ -name whatever
breaks the AFS client _and_ makes the machine hang on access to _any_
file anywhere in the file system hierarhy, not only within afs.
The problem is, this exploit has been successfully used to torpedo exams
that involved students logging in to our SSH server, also as a general
DoS style attack.
Only our cell, wszib.edu.pl, is configured in the client on SSH server.
Client version is 1.5.14; the system is Linux 2.6.18.1 running as
unpriviledged guest within Xen.
Any suggestions?
Jakub Witkowski.
--=-kBGZ9FivjddEqHzaYvIG
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: To jest =?UTF-8?Q?cz=C4=99=C5=9B=C4=87?= listu
podpisana cyfrowo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQBFxZ8hozPug5EmwHARAj2pAKDDuEyrPCIKd7Aj7Iqdn1oTKj7u0QCfWiJN
cc301aXtECyV0u6IKE2xK14=
=dNWC
-----END PGP SIGNATURE-----
--=-kBGZ9FivjddEqHzaYvIG--