From: David Greenman
To: rotel@indigo.ie
cc: "Allen Smith", security@FreeBSD.ORG, njs3@doc.ic.ac.uk, dima@best.net, abc@ralph.ml.org, tqbf@secnet.com
Subject: Re: bsd securelevel patch question
In-reply-to: Your message of "Tue, 07 Jul 1998 11:46:35 -0000." <199807071046.LAA00625@indigo.ie>
Date: Tue, 07 Jul 1998 04:42:03 -0700

>> What does accept() have to do with how the socket is bind()ed? (Answer:
>> absolutely nothing) The bind() and listen() occur in the passive() function,
>> which very definitely sets the ctrl_addr as the listen address.
>
> I'm talking about the addresses the ftpd will accept data channel
> connections from in paranoid (and passive) mode, not the address at
> which it listens for those connections. I thought you were too,
> from what you said above: "ftpd listens for the control channel IP
> address".

Now I realize where the misunderstanding started. You're suggesting that after the accept(), ftpd should verify that the address of the peer (presumably via getpeername()) matches the peer address of the control channel?
Assuming that the ftp client (or proxy) always does a bind() using its local control channel address, so that the server always sees the same peer address independent of routing issues, then this should work. It would be nice to be able to bind() the foreign address to a (listen) socket as well.

-DG

David Greenman
Co-founder/Principal Architect, The FreeBSD Project
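As an added example (not code from this thread or from FreeBSD's ftpd), here is the check being discussed: after accept() on the passive-mode data socket, compare the peer address reported by getpeername() with the control channel's peer and drop the connection if they differ. The function names, the AF_INET-only handling and the 192.0.2.x sample addresses are assumptions of mine, not the thread's.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Compare only the IP address: the data connection's source port is
 * chosen by the client and will never match the control channel's port. */
int same_peer_addr(const struct sockaddr_in *ctrl, const struct sockaddr_in *data)
{
    if (ctrl->sin_family != AF_INET || data->sin_family != AF_INET)
        return 0;
    return ctrl->sin_addr.s_addr == data->sin_addr.s_addr;
}

/* Accept one passive-mode data connection on 'listenfd' and return it only
 * if the peer is the same host that owns the control channel; otherwise
 * close it and return -1. 'ctrl_peer' is what getpeername() reported for
 * the control socket. Caveat from the thread: a multi-homed client or proxy
 * that does not bind() its data socket to the control-channel address will
 * be rejected by this check, so it belongs behind a "paranoid" option. */
int accept_data_conn(int listenfd, const struct sockaddr_in *ctrl_peer)
{
    struct sockaddr_in data_peer;
    socklen_t len = sizeof(data_peer);
    int fd = accept(listenfd, (struct sockaddr *)&data_peer, &len);
    if (fd < 0)
        return -1;
    /* accept() already filled in data_peer; getpeername() is used here to
     * mirror the check as described in the message above. */
    len = sizeof(data_peer);
    if (getpeername(fd, (struct sockaddr *)&data_peer, &len) < 0 ||
        !same_peer_addr(ctrl_peer, &data_peer)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Helper for constructed sample input (hypothetical): build a sockaddr_in. */
struct sockaddr_in make_addr(const char *dotted_quad, unsigned short port)
{
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    inet_pton(AF_INET, dotted_quad, &sa.sin_addr);
    return sa;
}
```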