Date: Sun, 22 Jul 2001 20:54:55 -0700 (PDT) From: Matt Dillon <dillon@earth.backplane.com> To: "Jeroen Massar" <jeroen@unfix.org> Cc: "'Brian Somers'" <brian@Awfulhak.org>, "'Hajimu UMEMOTO'" <ume@mahoroba.org>, <aschneid@mail.slc.edu>, <ras@e-gerbil.net>, <roam@orbitel.bg>, <freebsd-security@FreeBSD.ORG>, <freebsd-gnats-submit@FreeBSD.ORG> Subject: Re: RE: bin/22595: telnetd tricked into using arbitrary peer ip Message-ID: <200107230354.f6N3stj13517@earth.backplane.com> References: <000f01c11315$094851e0$420d640a@HELL>
next in thread | previous in thread | raw e-mail | index | archive | help
All very nice, guys, but not realistic. Only FreeBSD uses an API. Third party programs access the structure directly for the most part so adding new fields to the structure will just cause more garbage to be written to the file (many third party programs don't bother to bzero the structure before writing it out). We aren't going to add a separate hostname[] array... we just got through ripping out the hostname crap, because there was never enough room in the field to actually store the FQDN, and many programs don't bother to verify the forward against the reverse anyway so the data would be suspect. And short of making a 200+ character array to hold it, which would be masive bloat, there is no way to fit it in the structure. If you want to store host names for posterity you will have to log-process the file and store the results somewhere else. Every program under the sun assumes utmp is a fixed-length structure. Pretty much our only option is to extend the size of existing fields and take the 'oh hell the structure size changed' hit. i -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107230354.f6N3stj13517>