Date: Sun, 24 Mar 2024 11:20:36 -0700
From: Lee Brown <leeb@ratnaling.org>
To: freebsd-hackers@freebsd.org
Subject: Re: Removing or changing the ping interval restriction for non-root users
Message-ID: <CAFPNf58PS1qozfVt30GHnf4Jyi2p=j6ic-JVXQ3iCBb3d82m8A@mail.gmail.com>
In-Reply-To: <4f8b035c-b2cc-4606-a691-f1d86827282b@app.fastmail.com>
References: <954e1d80-d44f-4c3d-88a7-122dc0f25de4@app.fastmail.com> <2D5DD001-DD98-4A8E-9458-6754E6D977EE@cschubert.com> <4f8b035c-b2cc-4606-a691-f1d86827282b@app.fastmail.com>
net/fping will allow sub-second intervals:

$ ping -i .1 10.1.1.1
ping: -i interval too short: Operation not permitted

$ fping --interval=1 --vcount=20 --period=50 10.1.1.1
20 lines of result

Better than changing base IMHO (POLA)

On Sun, Mar 24, 2024 at 8:04 AM Tom Forbes <tom@tomforb.es> wrote:
> I've personally never come across this limitation on any system that I've
> used, however it is a good point that there are bound to be systems that
> have the same limitation. After digging a bit more into the history the
> limitation was added in this commit[1] in 1998 with the explicit intention
> to "secure options from user-level D.O.S attacks".
>
> A lot of things have changed since 1998, and setting an arbitrary high
> limit to prevent "ping" and "ping6" from being used to DOS networked
> devices would be a pretty suspect decision if it was suggested today. I
> expect a few other distributions have inherited this limit from the
> original contribution, but to me that doesn't lend a strong argument to
> keeping it if the underlying reason it exists doesn't make sense anymore
> _and_ if removing/reducing it is a backwards-compatible, simple and
> non-invasive change.
>
> Tom
>
> 1. https://github.com/freebsd/freebsd-src/commit/526f06b278d9252add168aa18b60242c08771165
>
>
> On Sun, 24 Mar 2024, at 2:48 PM, Cy Schubert wrote:
> > On March 24, 2024 5:57:01 AM PDT, Tom Forbes <tom@tomforb.es> wrote:
> > > Hello,
> > > I maintain a small project called gping[1] that recently added support
> > > for FreeBSD. One of the issues I ran into with running this on FreeBSD was
> > > that the `ping` command seems to disallow intervals of less than 1 second
> > > if you are not running as root[2]. This check was last touched 23 years ago
> > > and I'm curious as to why this restriction exists? I assume it's from an
> > > earlier time in the internet's history, and perhaps is related to potential
> > > misuse of the command to flood targets with packets via ping?
> > >
> > > If it is then I'd like to suggest that this limitation be removed or is
> > > reduced to `0.1` seconds instead? Using `ping` for this kind of thing isn't
> > > a viable attack today, and the 1 second limitation seems like it would get
> > > in the way of useful uses of the ping command.
> > >
> > > Also this is my first post to any *BSD mailing list, so please let me
> > > know if this is not the right place to ask this question or propose this!
> > >
> > > Thanks,
> > > Tom
> > >
> > > 1. https://github.com/orf/gping
> > > 2. https://github.com/freebsd/freebsd-src/blame/8a56ef8d75b42ee7228247466c8c1712de6e3b6f/sbin/ping/ping6.c#L441
> >
> > Other UNIX-like systems have the same restriction. At $JOB we use Solaris
> > and various Linux systems. All maintain the same restriction. Other BSDs
> > are the same. I don't think FreeBSD should be an outlier.
> >
> > Maybe a setgid bit or a capability to remove the restriction may be a
> > better solution. But to reduce the timeout to essentially remove it is IMO
> > unwise.
> >
> > --
> > Cheers,
> > Cy Schubert <Cy.Schubert@cschubert.com>
> > FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org
> > NTP: <cy@nwtime.org> Web: https://nwtime.org
> > e^(i*pi)+1=0
> >
> > Pardon the typos. Small keyboard in use.
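As an added illustration, not code from FreeBSD's ping/ping6 or from anyone in the thread, this is the shape of the unprivileged-interval check under debate: parse the `-i` argument, reject malformed values, and return EPERM when a non-root uid asks for less than the policy minimum, with both the current 1 s floor and the proposed 0.1 s floor passed in as parameters. `check_interval` and the two `UNPRIV_MIN_*` names are assumed for the example.

```c
/* Illustrative reconstruction (not FreeBSD's own ping.c/ping6.c) of the check
 * the thread debates: a non-root user asking for a ping interval below the
 * policy minimum gets EPERM, i.e. "-i interval too short: Operation not permitted". */
#include <errno.h>
#include <math.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Today's unprivileged minimum and the 0.1 s proposed in the thread (assumed names). */
#define UNPRIV_MIN_CURRENT  1.0
#define UNPRIV_MIN_PROPOSED 0.1

/*
 * Parse the -i argument `arg` under the unprivileged minimum `unpriv_min`.
 * Returns 0 and stores the interval in *out, EINVAL for a malformed,
 * non-finite or non-positive value, and EPERM when a non-root uid asks
 * for less than the minimum. Root (uid 0) is exempt.
 */
int check_interval(const char *arg, uid_t uid, double unpriv_min, double *out)
{
    char *end = NULL;
    double v;

    if (arg == NULL || *arg == '\0')
        return EINVAL;
    errno = 0;
    v = strtod(arg, &end);
    /* Reject trailing garbage ("0.5s"), overflow, nan/inf and values <= 0. */
    if (errno != 0 || *end != '\0' || !isfinite(v) || v <= 0.0)
        return EINVAL;
    if (uid != 0 && v < unpriv_min)
        return EPERM;
    *out = v;
    return 0;
}

int main(int argc, char **argv)
{
    double interval;
    int rc = check_interval(argc > 1 ? argv[1] : "0.1", getuid(), UNPRIV_MIN_CURRENT, &interval);
    if (rc != 0)
        fprintf(stderr, "ping: -i interval %s: %s\n", rc == EPERM ? "too short" : "invalid", strerror(rc));
    else
        printf("interval accepted: %.3f s\n", interval);
    return rc != 0;
}
```

Run as an unprivileged user with no argument it reproduces the "too short" refusal; pass `UNPRIV_MIN_PROPOSED` instead to see how the 0.1 s proposal would behave.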
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFPNf58PS1qozfVt30GHnf4Jyi2p=j6ic-JVXQ3iCBb3d82m8A>