From nobody Sun Mar 24 18:20:36 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4V2krz0LvNz5GBdv for ; Sun, 24 Mar 2024 18:20:51 +0000 (UTC) (envelope-from leeb@ratnaling.org) Received: from mail-yb1-xb32.google.com (mail-yb1-xb32.google.com [IPv6:2607:f8b0:4864:20::b32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4V2krx5KtJz4TlL for ; Sun, 24 Mar 2024 18:20:49 +0000 (UTC) (envelope-from leeb@ratnaling.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ratnaling-org.20230601.gappssmtp.com header.s=20230601 header.b=WrMhzQvq; dmarc=fail reason="No valid SPF, DKIM not aligned (relaxed)" header.from=ratnaling.org (policy=none); spf=neutral (mx1.freebsd.org: 2607:f8b0:4864:20::b32 is neither permitted nor denied by domain of leeb@ratnaling.org) smtp.mailfrom=leeb@ratnaling.org Received: by mail-yb1-xb32.google.com with SMTP id 3f1490d57ef6-dc236729a2bso3502408276.0 for ; Sun, 24 Mar 2024 11:20:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ratnaling-org.20230601.gappssmtp.com; s=20230601; t=1711304448; x=1711909248; darn=freebsd.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=d2DjWttCyW4tJ5GuV3FOyWpATIRMF258FdpXgPsJFjY=; b=WrMhzQvqv93wG+goOANjB1UzZ6ShJARebVCUlqeGsQ7/ySFikc26jnC59Ch1WzMZGg ODsZBU7XolXlSJySkaw2r+OXJANjGJG8td3nF3eCAs2vHPFSyKpi5oVJSiz0+1211bkY FlcH+rVPRVYGXfYtL1HfX2hDYVoA0DETUxu/2n43jhhZUwaHNok4ACoUvrx5TKPN7HaL kxkIiLxV2zl+hI2e5W3uaH/yRWpIJ1hRdgoRdb5ZKEANLv6uH6ej4Loat3X69kMKRsHB jBy8VIP3JO9CPF5CHAF+A1UB8BbvZpHM6MH9j+ioH7UPOOCdbO1phAI7tFqb7qoLs6h4 yblg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711304448; x=1711909248; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=d2DjWttCyW4tJ5GuV3FOyWpATIRMF258FdpXgPsJFjY=; b=TcLSTbCPyh1uNnB/KYkiBzvVj0FA1328zOersY2ySCK49veJnqy15ucALClvbJMZmI la0D5bZacczu1v9tl0PNZOKijAGqMEXEfK66xGxNo+R1jF2qG5jIKMx/TYsfgdpbbkEm WyNfj57GmJceUe50hTJlqYVfUmhe9weXQxc3cDz+XPgKSfAxAZQIYvXnxi7C3CfSpI0f qVIc7ZjvKBxjx2F6dsUqY/Ca8DCAnPeevuCXdVUtC0/QSyyg6MfKDspM8iwZw9NllkDk 2HVWJpJ3GfJWkDARQ6FP4Y3hvVfwzvSo67Fg2FCZVAHI1Yg4rD7enCvHaXiKnGyfhsqp HD4Q== X-Gm-Message-State: AOJu0Yw4dkfU3lGN07GG5YUIKkLHHI7+SxwgOFXm0I1iUnGdYO7/Sd9v /6uNloHh+DJ0r2/4Z+P6kuwIux3ldgQF/6KTw5rtPliPy/kpjYyScRIcYBghfl9hJD9z2uMt4ki 6MrtnSPjPVBpnUxtstsMr9kiK7OZ25kvk51FFs1dMbHJYfeOjrSs= X-Google-Smtp-Source: AGHT+IHaWZz3dvafY7usIh3TZHhwZiqDDqz0mUswX6cDEvbLbaRDn/6N141ZVoVJBVNCW+l/jLtY4am3FteEiAXnEBs= X-Received: by 2002:a25:4982:0:b0:dcd:5bdb:4aa4 with SMTP id w124-20020a254982000000b00dcd5bdb4aa4mr3658261yba.51.1711304448196; Sun, 24 Mar 2024 11:20:48 -0700 (PDT) List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@freebsd.org MIME-Version: 1.0 References: <954e1d80-d44f-4c3d-88a7-122dc0f25de4@app.fastmail.com> <2D5DD001-DD98-4A8E-9458-6754E6D977EE@cschubert.com> <4f8b035c-b2cc-4606-a691-f1d86827282b@app.fastmail.com> In-Reply-To: <4f8b035c-b2cc-4606-a691-f1d86827282b@app.fastmail.com> From: Lee Brown Date: Sun, 24 Mar 2024 11:20:36 -0700 Message-ID: Subject: Re: Removing or changing the ping interval restriction for non-root users To: freebsd-hackers@freebsd.org Content-Type: multipart/alternative; boundary="000000000000bce2b106146c1de0" X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.20 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; R_DKIM_ALLOW(-0.20)[ratnaling-org.20230601.gappssmtp.com:s=20230601]; DMARC_POLICY_SOFTFAIL(0.10)[ratnaling.org : No valid SPF, DKIM not aligned (relaxed),none]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ARC_NA(0.00)[]; R_SPF_NEUTRAL(0.00)[?all]; FROM_HAS_DN(0.00)[]; MLMMJ_DEST(0.00)[freebsd-hackers@freebsd.org]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::b32:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DKIM_TRACE(0.00)[ratnaling-org.20230601.gappssmtp.com:+] X-Rspamd-Queue-Id: 4V2krx5KtJz4TlL --000000000000bce2b106146c1de0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable net/fping will allow sub-second intervals: $ ping -i .1 10.1.1.1 ping: -i interval too short: Operation not permitted $ fping --interval=3D1 --vcount=3D20 --period=3D50 10.1.1.1 20 lines of result Better than changing base IMHO (POLA) On Sun, Mar 24, 2024 at 8:04=E2=80=AFAM Tom Forbes wrote: > I've personally never come across this limitation on any system that I've > used, however it is a good point that there are bound to be systems that > have the same limitation. After digging a bit more into the history the > limitation was added in this commit[1] in 1998 with the explicit intentio= n > to "secure options from user-level D.O.S attacks". > > A lot of things have changed since 1998, and setting an arbitrary high > limit to prevent "ping" and "ping6" from being used to DOS networked > devices would be a pretty suspect decision if it was suggested today. I > expect a few other distributions have inherited this limit from the > original contribution, but to me that doesn't lend a strong argument to > keeping it if the underlying reason it exists doesn't make sense anymore > _and_ if removing/reducing it is a backwards-compatible, simple and > non-invasive change. > > Tom > > 1. > https://github.com/freebsd/freebsd-src/commit/526f06b278d9252add168aa1= 8b60242c08771165 > > > On Sun, 24 Mar 2024, at 2:48 PM, Cy Schubert wrote: > > On March 24, 2024 5:57:01 AM PDT, Tom Forbes wrote: > >Hello, > >I maintain a small project called gping[1] that recently added support > for FreeBSD. One of the issues I ran into with running this on FreeBSD wa= s > that the `ping` command seems to disallow intervals of less than 1 second > if you are not running as root[2]. This check was last touched 23 years a= go > and I'm curious as to why this restriction exists? I assume it's from an > earlier time in the internets history, and perhaps is related to potentia= l > misuse of the command to flood targets with packets via ping? > > > >If it is then I'd like to suggest that this limitation be removed or is > reduced to `0.1` seconds instead? Using `ping` for this kind of thing isn= 't > a viable attack today, and the 1 second limitation seems like it would ge= t > in the way of useful uses of the ping command. > > > >Also this is my first post to any *BSD mailing list, so please let me > know if this is not the right place to ask this question or propose this! > > > >Thanks, > >Tom > > > >1. https://github.com/orf/gping > >2. > https://github.com/freebsd/freebsd-src/blame/8a56ef8d75b42ee7228247466c8c= 1712de6e3b6f/sbin/ping/ping6.c#L441 > Other UNIX-like systems have the same restriction. At $JOB we use Solaris > and various Linux systems. All maintain the same restriction. Other BSDs > are the same.I don't think FreeBSD should be an outlier. > > Maybe setgid bit or a capability to remove the restriction may be a > better solution. But to reduce the timeout to essentially remove it is IM= O > unwise. > > -- > Cheers, > Cy Schubert > FreeBSD UNIX: Web: https://FreeBSD.org > NTP: Web: https://nwtime.org > e^(i*pi)+1=3D0 > > Pardon the typos. Small keyboard in use. > > > --000000000000bce2b106146c1de0 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
net/fping will allow sub-second intervals:
=
$ ping -i .1 10.1.1.1
ping: -i interval too short: Operation = not permitted

$ fping --interval=3D1 --vcount=3D20= --period=3D50 10.1.1.1
20 lines of result

Better than changing base IMHO (POLA)

On Sun, Mar 24, 2024 at 8= :04=E2=80=AFAM Tom Forbes <tom@tomforb= .es> wrote:
I've persona= lly never come across this limitation on any system that I've used, how= ever it is a good point that there are bound to be systems that have the sa= me limitation. After digging a bit more into the history the limitation was= added in this commit[1] in 1998 with the explicit intention to "secur= e options from user-level D.O.S attacks".

A lot of things have changed since 1998, and setting an arbitrary high lim= it to prevent "ping" and "ping6" from being used to DOS= networked devices would be a pretty suspect decision if it was suggested t= oday. I expect a few other distributions have inherited this limit from the= original contribution, but to me that doesn't lend a strong argument t= o keeping it if the underlying reason it exists doesn't make sense anym= ore _and_ if removing/reducing it is a backwards-compatible, simple and non= -invasive change.

Tom
  1. https://github.com/freebsd/freebsd-src/c= ommit/526f06b278d9252add168aa18b60242c08771165

On Sun, 24 Mar 2024, at 2:48 PM, Cy Schubert wrote:
On March 24, 2024= 5:57:01 AM PDT, Tom Forbes <tom@tomforb.es> wrote:
>Hello,
>I maintain a small project called gping[1] that recently added suppo= rt for FreeBSD. One of the issues I ran into with running this on FreeBSD w= as that the `ping` command seems to disallow intervals of less than 1 secon= d if you are not running as root[2]. This check was last touched 23 years a= go and I'm curious as to why this restriction exists? I assume it's= from an earlier time in the internets history, and perhaps is related to p= otential misuse of the command to flood targets with packets via ping?
<= /div>
>
>If it is then I'd like to suggest that= this limitation be removed or is reduced to `0.1` seconds instead? Using `= ping` for this kind of thing isn't a viable attack today, and the 1 sec= ond limitation seems like it would get in the way of useful uses of the pin= g command.
>
>Also this is my first post = to any *BSD mailing list, so please let me know if this is not the right pl= ace to ask this question or propose this!
>
= >Thanks,
>Tom
>
Other UNIX-like systems have the same restriction. At $JOB w= e use Solaris and various Linux systems. All maintain the same restriction.= Other BSDs are the same.I don't think FreeBSD should be an outlier.

Maybe=C2=A0 setgid bit or a capability to remove= the restriction may be a better solution. But to reduce the timeout to ess= entially remove it is IMO unwise.=C2=A0

--=C2= =A0
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com&g= t;
FreeBSD UNIX:=C2=A0 <cy@FreeBSD.org>=C2=A0 Web:=C2=A0=C2=A0https://FreeBSD.org
NTP:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 <cy@nwtime.org>=C2=A0=C2=A0=C2=A0 Web= :=C2=A0=C2=A0https://nwtim= e.org
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 e^(i*pi)+1=3D0

= Pardon the typos. Small keyboard in use.


--000000000000bce2b106146c1de0--