If a user spams connections to realmd, they can surpass the file descriptor limit and effectively halt any further connections to realmd. We resolved this via iptables but realmd should probably have antiflood, maybe a table holding all ips and connection attempt counters with a method of rejecting them if they surpass a user-defined limit.
If a user spams connections to realmd, they can surpass the file descriptor limit and effectively halt any further connections to realmd. We resolved this via iptables but realmd should probably have antiflood, maybe a table holding all ips and connection attempt counters with a method of rejecting them if they surpass a user-defined limit.