Limit unprivileged keepalives per uid
Public APIs for creating unprivileged NATT socket keepalive might allow users to exhaust resource if malicious apps try to create keepalives with fd which is not created by IpSecService through binder call. Thus, this change add customizable limitation per uid to prevent resource exhaustion attack. Bug: 129371366 Bug: 132307230 Test: atest FrameworksNetTests Change-Id: Ibcb91105e46f7e898b8aa7c2babc3344ef2c6257
Loading
Please register or sign in to comment