Date: Sun, 04 Feb 2018 22:28:56 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 225668] tcsh: reads /etc/hosts and calls name resolution erroneously to find REMOTEHOST Message-ID: <bug-225668-8-WHtXFtNE9F@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-225668-8@https.bugs.freebsd.org/bugzilla/> References: <bug-225668-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225668 Jilles Tjoelker <jilles@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Open Summary|'su' command reads |tcsh: reads /etc/hosts and |/etc/hosts and calls name |calls name resolution |resolution erroneously |erroneously to find | |REMOTEHOST CC| |jilles@FreeBSD.org --- Comment #1 from Jilles Tjoelker <jilles@FreeBSD.org> --- Using ktrace -i on a su command, I found that it is not su, but csh that do= es these strange DNS requests. The code tries to set the REMOTEHOST environment variable and is in contrib/tcsh/tc.func.c getremotehost(). This exact problem is called out in a comment: /* * There is conflict with IPv6 address and X DISPLAY. So, * we assume there is no IPv6 address in utmp and don't * touch here. */ However, the assumption is wrong. There can be IPv6 addresses in utmp(x). A simple fix would be to use inet_pton() or getaddrinfo() with AI_NUMERICHO= ST to check for an IPv6 (or also IPv4) address, and to skip the X DISPLAY hand= ling in that case. This fix should be submitted to the upstream tcsh project first. However, perhaps we want to eliminate more obsolete code here. The name of = the remote host is rather less important now for shell startup files than it us= ed to be when the code was written (such as to deal with terminal settings). It may be sufficient to extract a hostname from the utmp host without touching= DNS at all. Fortunately, there is a 2 second timeout on finding the remote hostname, so= it will not prevent you from logging in. The "leaked" information is just the top 16 bits of the IPv6 address togeth= er with the local DNS domain; perhaps the most important part is that you su'e= d at that time. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-225668-8-WHtXFtNE9F>