[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Advice on inetd Denial of Service Bug

> Unfortunately I can't think of a reasonable way of checking for this
> in the preinst. The shell code I posted to the bug report works okay
> for testing, but it'll report existing connections that are perfectly
> reasonable, rather than just programs listening where they shouldn't be,
> so it's not particularly good for sticking in a preinst and randomly
> killing processes. It also depends on an optional package, which ain't
> good.
> Ideas? Or should I just forget it, and let people doing an upgrade look
> out for themselves?

How about instead of killing processes, just want the user if such a
situation exists using the same check?

/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`     bcollins@debian.org  --  bcollins@openldap.org  --  bmc@visi.net     '

Reply to: