Date:      Mon, 23 Jul 2001 00:55:16 +0100
From:      Brian Somers <brian@Awfulhak.org>
To:        Matt Dillon <dillon@earth.backplane.com>
Cc:        Hajimu UMEMOTO <ume@mahoroba.org>, aschneid@mail.slc.edu, brian@Awfulhak.org, ras@e-gerbil.net, roam@orbitel.bg, freebsd-security@FreeBSD.ORG, freebsd-gnats-submit@FreeBSD.ORG
Subject:   Re: bin/22595: telnetd tricked into using arbitrary peer ip 
Message-ID:  <200107222355.f6MNtGg11536@hak.lan.Awfulhak.org>
In-Reply-To: Message from Matt Dillon <dillon@earth.backplane.com>  of "Sun, 22 Jul 2001 15:57:56 PDT." <200107222257.f6MMvuE12313@earth.backplane.com> 

> :>>>>> On Sun, 22 Jul 2001 17:22:32 -0400
> :>>>>> Anthony Schneider <aschneid@mail.slc.edu> said:
> :
> :aschneid> 16 bytes.
> :
> :It's a binary form.  We need 40 bytes for global address.  To save
> :site-local or link-local address, we need more space for scope
> :identifier.  I believe the length of scope identifier is not defined
> :and system specific.
> :
> :global address:
> :
> :	1234567890123456789012345678901234567890
> :	NNNN:NNNN:NNNN:NNNN:NNNN:NNNN:NNNN:NNNN\n
> :
> :scoped address:
> :
> :	1234567890123456789012345678901234567890
> :	NNNN:NNNN:NNNN:NNNN:NNNN:NNNN:NNNN:NNNN%fxp0\n
> :
> :There is one more consideration.  `:' conflicts with X.  I have no
> :particular idea to solve this problem.  Enclosing IPv6 address with
> :`[' and `]' doesn't help without changing X side.
> :
> :--
> :Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
> :ume@mahoroba.org  ume@bisd.hitachi.co.jp  ume@{,jp.}FreeBSD.org
> :http://www.imasy.org/~ume/
> 
>     Ok, it sounds like 56 bytes ought to be sufficient.  This will
>     increase the lastlog structure from 28 bytes to 68 bytes
>     and the utmp/wtmp structure from 44 bytes to 84 bytes.  A
>     buildworld would be necessary to deal with the change and
>     certain ports, such as ftpd, would have to be rebuilt
>     (for those people using them) to avoid corruption.  utmp
>     is one of the few structures in the system which is
>     written out 'manually' by various programs, which is why
>     changing the size of the structure is so nasty.

I think an API should really be introduced if we're going to do 
this - there's no point in doing only half the job :-/

I'm no great expert with IPv6, but if the scoping needs to be 
recorded here, who can guarantee that the length of the interface 
name will fit (remember, interface numbers can easily be something 
like 10000 -- think ifconfig gif10000 create, and that's not even 
considering the name itself having no limits as far as I'm aware).

Besides, we also need an address family field.  It seems that part of 
the problem described in this PR is the fact that running ``login -p 
hostname blah'' results in login(1) doing a reverse lookup on 
hostname - assuming it's IPv4.  w(1) does the same.

>     The issue with X is a separate problem.

The X-style ``machine:screen'' thing doesn't conflict as an IPv6 
address will always have at least two ``:''s in it and an X entry 
will only ever have one.

> 					-Matt

-- 
Brian <brian@freebsd-services.com>                <brian@Awfulhak.org>
      http://www.freebsd-services.com/        <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour !      <brian@[uk.]OpenBSD.org>
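
The following is an added example, not part of the original message or of FreeBSD's code. It applies the colon-count rule from the reply above to tell an X ``machine:screen'' entry from an IPv6 address (with or without a `%scope` suffix), and stores a host string in a fixed-size record field only when it fits. The names `classify_host` and `store_host` are hypothetical, the field is assumed to be NUL-terminated, and addresses other than the page's `fxp0` and `gif10000` interface names are constructed samples.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

enum host_kind { HOST_OTHER, HOST_X_DISPLAY, HOST_IPV6, HOST_IPV6_SCOPED };

/* Count ':' characters: the rule from the message is one for an X
 * "machine:screen" entry, at least two for an IPv6 address. */
static int count_colons(const char *s)
{
    int n = 0;
    for (; *s != '\0'; s++)
        if (*s == ':')
            n++;
    return n;
}

/* Classify a host-field string.  An IPv6 candidate is confirmed with
 * inet_pton() after the optional "%scope" suffix is split off. */
enum host_kind classify_host(const char *s)
{
    char addr[INET6_ADDRSTRLEN];
    struct in6_addr in6;
    const char *pct;
    size_t len;
    int colons = count_colons(s);

    if (colons == 1)
        return HOST_X_DISPLAY;
    if (colons < 2)
        return HOST_OTHER;
    pct = strchr(s, '%');
    len = pct ? (size_t)(pct - s) : strlen(s);
    if (len >= sizeof(addr) || (pct && pct[1] == '\0'))
        return HOST_OTHER;
    memcpy(addr, s, len);
    addr[len] = '\0';
    if (inet_pton(AF_INET6, addr, &in6) != 1)
        return HOST_OTHER;
    return pct ? HOST_IPV6_SCOPED : HOST_IPV6;
}

/* Store text in a fixed-size record field only when it fits with its
 * terminating NUL; return 0 on success, -1 instead of truncating. */
int store_host(char *field, size_t fieldlen, const char *text)
{
    size_t len = strlen(text);
    if (len + 1 > fieldlen)
        return -1;
    memset(field, 0, fieldlen);
    memcpy(field, text, len);
    return 0;
}
```

With the 16-byte field mentioned in the thread, `store_host` rejects a fully written global address; with a 56-byte field it accepts that address and the same address carrying a `%gif10000` scope.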
