You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2009/03/02 17:41:35 UTC
DO NOT REPLY [Bug 46788] New: Set resource limits to avoid denial of
service attacks from malicious CGI scripts
https://issues.apache.org/bugzilla/show_bug.cgi?id=46788
Summary: Set resource limits to avoid denial of service attacks
from malicious CGI scripts
Product: Apache httpd-2
Version: 2.2.3
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: All
AssignedTo: bugs@httpd.apache.org
ReportedBy: asmith@ca.ibm.com
Created an attachment (id=23320)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=23320)
patch
We've been using this patch to deal with an internal problem, but I thought
it's worth pushing it to Apache in case there is interest:
Execute a CGI script that continues to create new processes in an endless
loop.
Expected Results: The script will be limited to a set number of process
it can create.
Actual Results: Today this is not limited for CGI scripts.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org