From owner-freebsd-security Thu Mar 27 14:11:42 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA27855 for security-outgoing; Thu, 27 Mar 1997 14:11:42 -0800 (PST) Received: from enteract.com (root@enteract.com [206.54.252.1]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA27843 for ; Thu, 27 Mar 1997 14:11:33 -0800 (PST) Received: (from tqbf@localhost) by enteract.com (8.8.5/8.7.6) id QAA17602; Thu, 27 Mar 1997 16:11:22 -0600 (CST) From: "Thomas H. Ptacek" Message-Id: <199703272211.QAA17602@enteract.com> Subject: Re: More netinet suser() stuff... To: fenner@parc.xerox.com (Bill Fenner) Date: Thu, 27 Mar 1997 16:11:21 -0600 (CST) Cc: fenner@parc.xerox.com, tqbf@enteract.com, freebsd-security@freebsd.org Reply-To: tqbf@enteract.com In-Reply-To: <97Mar27.135535pst.177486@crevenia.parc.xerox.com> from "Bill Fenner" at Mar 27, 97 01:55:33 pm X-Mailer: ELM [version 2.4 PL24 ME8a] Content-Type: text Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Check again. s is an IPPROTO_ICMP socket, sndsock is an IPPROTO_RAW > socket. If it fails to look up "icmp" in /etc/protocols, then it > opens no sockets at all. You're obviously right. Sorry about the confusion. Without any modifications to my kernel, traceroute continues to work using the same socket for sending and receiving (sndsock = s). I'll try returning EACCESS in the raw IP code for !IPPROTO_RAW and see if that breaks traceroute now. ---------------- Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com] ---------------- "If you're so special, why aren't you dead?"