Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 04 Feb 2018 22:28:56 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 225668] tcsh: reads /etc/hosts and calls name resolution erroneously to find REMOTEHOST
Message-ID:  <bug-225668-8-WHtXFtNE9F@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-225668-8@https.bugs.freebsd.org/bugzilla/>
References:  <bug-225668-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225668

Jilles Tjoelker <jilles@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|New                         |Open
            Summary|'su' command reads          |tcsh: reads /etc/hosts and
                   |/etc/hosts and calls name   |calls name resolution
                   |resolution erroneously      |erroneously to find
                   |                            |REMOTEHOST
                 CC|                            |jilles@FreeBSD.org

--- Comment #1 from Jilles Tjoelker <jilles@FreeBSD.org> ---
Using ktrace -i on a su command, I found that it is not su, but csh that do=
es
these strange DNS requests. The code tries to set the REMOTEHOST environment
variable and is in contrib/tcsh/tc.func.c getremotehost().

This exact problem is called out in a comment:

            /*
             * There is conflict with IPv6 address and X DISPLAY.  So,
             * we assume there is no IPv6 address in utmp and don't
             * touch here.
             */

However, the assumption is wrong. There can be IPv6 addresses in utmp(x).

A simple fix would be to use inet_pton() or getaddrinfo() with AI_NUMERICHO=
ST
to check for an IPv6 (or also IPv4) address, and to skip the X DISPLAY hand=
ling
in that case.

This fix should be submitted to the upstream tcsh project first.

However, perhaps we want to eliminate more obsolete code here. The name of =
the
remote host is rather less important now for shell startup files than it us=
ed
to be when the code was written (such as to deal with terminal settings). It
may be sufficient to extract a hostname from the utmp host without touching=
 DNS
at all.

Fortunately, there is a 2 second timeout on finding the remote hostname, so=
 it
will not prevent you from logging in.

The "leaked" information is just the top 16 bits of the IPv6 address togeth=
er
with the local DNS domain; perhaps the most important part is that you su'e=
d at
that time.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-225668-8-WHtXFtNE9F>