| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 21 Nov 2009 11:51:13 -0500 From: William Allen Simpson <william.allen.simpson@...il.com> To: David Miller <davem@...emloft.net> CC: netdev@...r.kernel.org, Joe Perches <joe@...ches.com> Subject: Re: [net-next-2.6 PATCH v7 3/7 RFC] TCPCT part 1c: sysctl_tcp_cookie_size, socket option TCP_COOKIE_TRANSACTIONS David Miller wrote: > From: William Allen Simpson <william.allen.simpson@...il.com> > Date: Fri, 20 Nov 2009 09:33:51 -0500 > >> @@ -59,6 +59,14 @@ int sysctl_tcp_base_mss __read_mostly = 512; >> /* By default, RFC2861 behavior. */ >> int sysctl_tcp_slow_start_after_idle __read_mostly = 1; >> >> +#ifdef CONFIG_SYSCTL >> +/* By default, let the user enable it. */ >> +int sysctl_tcp_cookie_size __read_mostly = 0; >> +#else >> +int sysctl_tcp_cookie_size __read_mostly = TCP_COOKIE_MAX; >> +#endif >> + > > I would prefer if the default did not depend upon whether > SYSCTL is enabled or not. That's extremely non-intuitive. > > This code was based on net/ipv4/tcp_minisocks.c for syncookies. Apparently, default for syncookies has been controversial. Would you accept always default to TCP_COOKIE_MAX? The code already automatically reduces the size of the cookie to match available space in the TCP options (part 1f). -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists