Date: Mon, 23 Jul 2001 08:59:49 -0700 (PDT) From: Matt Dillon <dillon@earth.backplane.com> To: Brian Somers <brian@Awfulhak.org> Cc: "Jeroen Massar" <jeroen@unfix.org>, "'Brian Somers'" <brian@Awfulhak.org>, "'Hajimu UMEMOTO'" <ume@mahoroba.org>, aschneid@mail.slc.edu, ras@e-gerbil.net, roam@orbitel.bg, freebsd-security@FreeBSD.ORG, freebsd-gnats-submit@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: bin/22595: telnetd tricked into using arbitrary peer ip Message-ID: <200107231559.f6NFxng17095@earth.backplane.com> References: <200107231012.f6NACgg60192@hak.lan.Awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
:
:Ok, I agree. I think we should bump UT_HOSTSIZE to 40 then and only
:put unscoped addresses in the field (ie, fec0::1, not fec0::1%vr0).
:
:Any disagreements ? Should this be brought up (explained) on -arch
:now ?
Make it 56, and you've got to put the whole IP address in the field,
not the short form. Logs are often processed off-host and the short
form wouldn't be useful. And we have to worry about X at some point.
40 isn't quite big enough.
-Matt
:
:--
:Brian <brian@freebsd-services.com> <brian@Awfulhak.org>
: http://www.freebsd-services.com/ <brian@[uk.]FreeBSD.org>
:Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org>
:
:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107231559.f6NFxng17095>