From owner-freebsd-bugs Tue May 25 8:10: 6 1999
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 837BE157B5
	for ; Tue, 25 May 1999 08:10:02 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id IAA98584;
	Tue, 25 May 1999 08:10:02 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Date: Tue, 25 May 1999 08:10:02 -0700 (PDT)
Message-Id: <199905251510.IAA98584@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc:
From: Masachika ISHIZUKA
Subject: Re: bin/11860: inetd is broken when kill -HUP
Reply-To: Masachika ISHIZUKA
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

The following reply was made to PR bin/11860; it has been noted by GNATS.

From: Masachika ISHIZUKA
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Re: bin/11860: inetd is broken when kill -HUP
Date: Wed, 26 May 1999 00:06:18 +0900

>>Synopsis: inetd is broken if kill -HUP `/var/run/inetd.pid`

Hi.

The patch was sent by hiroya-san as [FreeBSD-net-jp 1596] (FreeBSD
network mailing list in Japan).
I think this patch is very good. We tested with the following samples.

If you use inetd without this patch on FreeBSD 3.2R, you can find
the daemon's name is changed each time you
'kill -HUP `cat /var/run/inetd.pid`'.
I think this is a very serious security bug for inetd with 3.2R, so
you should apply this patch as soon as possible.

(sample configuration)
% grep -v '^#' /etc/inetd.conf
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
telnet stream tcp nowait root /usr/libexec/telnetd telnetd
comsat dgram udp wait tty:tty /usr/libexec/comsat comsat
ntalk dgram udp wait tty:tty /usr/libexec/ntalkd ntalkd
% cat /etc/hosts.allow
ALL : ALL : twist /bin/echo "You are not welcome to use %d from %h."

% telnet localhost
You are not welcome to use telnetd from localhost.
                           ~~~~~~~
# kill -hup `cat /var/run/inetd.pid`
% telnet localhost
You are not welcome to use comsat from localhost.
                           ~~~~~~
# kill -hup `cat /var/run/inetd.pid`
% telnet localhost
You are not welcome to use ntalkd from localhost.
                           ~~~~~~
# kill -hup `cat /var/run/inetd.pid`
% telnet localhost
You are not welcome to use ___ from localhost.
                           ~~~

(patch by hiroya-san [FreeBSD-net-jp 1596])
--- inetd.c.org Mon May 24 19:16:14 1999 +++ inetd.c Mon May 24 19:16:48 1999 @@ -911,6 +911,7 @@ SWAP(sep->se_class, new->se_class); #endif SWAP(sep->se_server, new->se_server); + SWAP(sep->se_server_name, new->se_server_name); for (i = 0; i < MAXARGV; i++) SWAP(sep->se_argv[i], new->se_argv[i]); sigsetmask(omask);

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
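Review bot: the added SWAP(sep->se_server_name, new->se_server_name), placed right after SWAP(sep->se_server, new->se_server), needs a short comment saying that the two fields must always be exchanged as a pair, since nothing in this block documents that dependency and the next field added to the entry could be missed the same way. The hunk does not show how se_server_name is set or released; if it points into the se_server string rather than owning its own allocation, state that in the comment and confirm that the cleanup of new after this block does not free it separately. The report shows the stale value reaching the %d daemon name used by hosts.allow rules, so a regression check that sends SIGHUP and verifies that telnet is still reported as telnetd would be a useful companion to this one-line fix.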