Sounds like what SECURITY_BIT_CONDITIONAL_IO is supposed to do.
/ Henrik Grubbström (Lysator)
Previous text:
2003-03-22 18:45: Subject: Re: sTeam DoS vulnerability (still is: Do we have a floatingpoint bug?)
On Sat, Mar 22, 2003 at 04:39:17PM +0100, Xavier Beaudouin wrote:
Maybe this can be do as newpikescript.pike does in Caudium 1.3. There is an external pike process waiting for data using Remote.Client/Server from Pike. If it crashes, then Caudium just restart one new server.
the situation is a lot more complex. DoS is actually the least of our problems. i just discovered that things like Stdio.* are completely unprotected.
we need to somehow make sure that the security wrapper covers each and every function and class in pike, so that calls to Stdio, exit, and the like will result in a security violation.
greetings, martin.
/ Brevbäraren