Date: Fri, 25 May 2001 14:38:21 +0100 From: David Malone <dwmalone@maths.tcd.ie> To: Jeremy Chadwick <jdc@parodius.com> Cc: freebsd-bugs@FreeBSD.org Subject: Re: bin/27636: inetd's internal "auth" service exploits possible bug Message-ID: <20010525143821.A95198@walton.maths.tcd.ie> In-Reply-To: <200105251310.f4PDA3s19648@freefall.freebsd.org>; from jdc@parodius.com on Fri, May 25, 2001 at 06:10:03AM -0700 References: <200105251310.f4PDA3s19648@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, May 25, 2001 at 06:10:03AM -0700, Jeremy Chadwick wrote: > True; I'm hearing you on FM. However, there's a whole slew > of available error codes for reporting something much more > proper, in errno.h. Something gives me the impression (and I > could be flat-out wrong with this assumption) that the author > of the kernel code chose ENOENT because it was quick-and-dirty. > As I don't have any idea what the kernel code actually *does*, I > suppose I'm out on a limb. As far as I know the kernel is telling you that it can't find any info about the connection you asked for. ENOENT seems to be about the best errno for this. EADDRNOTAVAIL is close, but probably futher from being correct than ENOENT. > Here's the best part: the sysctl variable *DOES* indeed exist. > Herein lies the magic: There are lots of magic sysctl variables for dredging odd info out of the kernel. Very few of them are documented - the ident service and this sysctl are not exceptional here. You'll find a few more similar ones in libkvm too I think. > I find this very peculiar. I am lead to believe that basically > the results of a sysctlbyname(3) call on the entry for > net.inet.[tcp|udp].getcred are supposed to contain the UID of > the owner of the socket. I'm not quite sure *WHY* sysctl was > chosen for this, but I digress... There has been a general push to stop people poking around in the kernel's address space for things like ps, vmstat, and ident. The prefered option now is to use magic sysctls for this. > the entire sysctl variable itself seems special. I'm totally > unsure either way; I just know pidentd does the same call and > does not have this problem. I'd guess it just reports the error in a different way. > I believe inetd should be returning "NO-USER" in this case. According to the RFC we shouldn't be returning errno messages anyway. I'll see what can be done. I'm doing some cleanups to the ident code at the moment anyway. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010525143821.A95198>