[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CPU Load to 100%

Subject: Re: CPU Load to 100%
From: "Kyle Sluder" <email@hidden>
Date: Fri, 16 May 2008 13:07:25 -0400
Delivered-to: email@hidden
Delivered-to: email@hidden
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=ETFunXsYc9mXCZtcifvU4FAEVc12cZ08KCeumCWoezo=; b=ktvz4nBHAPrAhWuXnEkcvoCS6FXQZetTt45poO81MbMR5J8rcvDfVCKK9vAHU37cSjrGDR2w61O7A9mUpv7I6uVdwoVLDZxCVfPOgSExFN+gkgHMasiv6KK7mXpTfYRAyjEo+WErvODpIAR9Bf4veNdjeuPjZK3SfMQ1NGLlE+Y=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=Kbzu6IdBJ3LQBZO+57z+Ih8GJMytYamM7ao/+I0Cx7Ba1xuoXW4gvAbcBGLPO8FDba2cJfB+rbvgt5OmlrLZS82g4Cz3M3g0ckiFu1Pe/Wc+lmEUihe5ZtoHUNn8F8oE6nlFZELn58TcIDYkdHyn0SJAXcoVu4jS6VSd8by6izU=

On Fri, May 16, 2008 at 11:19 AM, Marc Goldberg
<email@hidden> wrote:
> If you're able to reliably reproduce, try ssh -vvv hostname to get debug
> messages... see if there are any interesting messages that give a clue as to
> the source of the problem...

The cause of the problem is already known: Apple screwed up in both
sshd and Terminal.app with respect to opening and closing virtual
terminals (the openpty(3) function).  It's currently being tracked as
rdar://5685756, according to this page:
http://discussions.apple.com/thread.jspa?threadID=1277952&tstart=0

The problem I have is that this is such a basic DoS vector that to not
have fixed it already is unthinkable.  Any attempt to ssh into a
vulnerable machine can trigger this behavior.

--Kyle Sluder
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

References:
	>CPU Load to 100% (From: Richard Good <email@hidden>)
	>Re: CPU Load to 100% (From: "Kyle Sluder" <email@hidden>)
	>Re: CPU Load to 100% (From: Jose Hales-Garcia <email@hidden>)
	>Re: CPU Load to 100% (From: Marc Goldberg <email@hidden>)

Prev by Date: Re: Macos-x-server Digest, Vol 5, Issue 219
Next by Date: Re: SMB, permissions and ACLs
Previous by thread: Re: CPU Load to 100%
Next by thread: require user change password at next login broken(or never worked)?
Index(es):
- Date
- Thread

Home