
Re: To the bind maintainer



On Tue, 25 Jan 2000 16:34:43 +0100, Paul Slootman wrote:

>Every time I'm reminded of bind attaching itself to each interface
>explicitly, I wonder why it does that (and doesn't simply bind to
>0.0.0.0). _Is_ there a valid reason?

Yes, security.

http://rootshell.com/archive-j457nxiqi3gq59dv/199707/bindExploit.txt.html

"On most systems, a combination of setting the SO_REUSEADDR
 socket option, and a call to bind() allows any process to bind to
 a port to which a previous process has bound with INADDR_ANY."

Now, I understand the Linux kernel has code to prevent this (?), but
the Bind nameserver runs on a lot of different systems.
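
Whether a given kernel permits the rebinding quoted above can be checked locally. The following C self-test is an added example, not part of the original message or of BIND: it holds a kernel-chosen port on one socket, then attempts a specific-address bind with SO_REUSEADDR on a second. The name second_bind_refused is hypothetical.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper (added example). Returns 1 if the kernel refuses the
 * second bind, 0 if it allows it, -1 on a setup error. first_addr is what the
 * "server" socket holds: INADDR_ANY (wildcard) or INADDR_LOOPBACK (explicit).
 * type is SOCK_STREAM or SOCK_DGRAM. */
int second_bind_refused(in_addr_t first_addr, int type)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof sa;
    int one = 1, result = -1;
    int first = socket(AF_INET, type, 0);
    int second = socket(AF_INET, type, 0);
    if (first < 0 || second < 0)
        goto out;
    /* Server side: no SO_REUSEADDR, port 0 so the kernel picks a free one. */
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(first_addr);
    if (bind(first, (struct sockaddr *)&sa, sizeof sa) < 0 ||
        getsockname(first, (struct sockaddr *)&sa, &len) < 0)
        goto out;
    if (type == SOCK_STREAM && listen(first, 1) < 0)
        goto out;
    /* Second socket: SO_REUSEADDR plus a specific address on the same port. */
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (setsockopt(second, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one) < 0)
        goto out;
    if (bind(second, (struct sockaddr *)&sa, sizeof sa) == 0)
        result = 0;               /* platform allows the rebinding */
    else if (errno == EADDRINUSE)
        result = 1;               /* platform refuses it */
out:
    if (first >= 0) close(first);
    if (second >= 0) close(second);
    return result;
}

int main(void)
{
    printf("wildcard holder, UDP: refused=%d\n", second_bind_refused(INADDR_ANY, SOCK_DGRAM));
    printf("wildcard holder, TCP: refused=%d\n", second_bind_refused(INADDR_ANY, SOCK_STREAM));
    printf("explicit holder, UDP: refused=%d\n", second_bind_refused(INADDR_LOOPBACK, SOCK_DGRAM));
    return 0;
}
```

A result of 0 for the wildcard holder means the platform behaves as the quoted text describes; the explicit-holder case corresponds to a server that binds each interface address itself.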





