From owner-freebsd-security Wed Jan 31 13:07:36 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id NAA10741 for security-outgoing; Wed, 31 Jan 1996 13:07:36 -0800 (PST) Received: from puli.cisco.com (puli.cisco.com [171.69.1.174]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id NAA10732 for ; Wed, 31 Jan 1996 13:07:29 -0800 (PST) Received: from localhost.cisco.com (localhost.cisco.com [127.0.0.1]) by puli.cisco.com (8.6.8+c/8.6.5) with SMTP id NAA18066; Wed, 31 Jan 1996 13:05:43 -0800 Message-Id: <199601312105.NAA18066@puli.cisco.com> To: "Garrett A. Wollman" Cc: security@freebsd.org Subject: Re: [cisco.external.bugtraq] Re: BoS: bind() Security Problems In-Reply-To: Your message of "Wed, 31 Jan 1996 14:30:09 EST." <9601311930.AA00772@halloran-eldar.lcs.mit.edu> Date: Wed, 31 Jan 1996 13:05:43 -0800 From: Paul Traina Sender: owner-security@freebsd.org Precedence: bulk > Date: Wed, 31 Jan 1996 14:30:09 -0500 > From: "Garrett A. Wollman" > To: Paul Traina > Cc: security@freebsd.org > Subject: [cisco.external.bugtraq] Re: BoS: bind() Security Problems > > < said: > > > Yuck, I hate to think of what we're going to break when we fix this, but > > we should definitely fix this, otherwise users can hose NFS & friends. > > Lots of stuff will get broken. Although, it occurs to me... > > It should be possible to require that SO_REUSEPORT be specified on > both the original and the duplicate sockets. This way, those programs > (like ALL UDP-based servers) for which this is a requirement will > still be able to work with a minimum of modification. We can't, > however, require any modifications where multicast addresses are > involved. Correct, which is perfectly reasonable behavior.