Re: is it ok to listen on a localhost port for tests during build time?

[Serafeim Zanikolas <serzan@hellug.gr>]

On Sun, Dec 06, 2009 at 11:56:37AM +0100, Tollef Fog Heen wrote:
> ]] Serafeim Zanikolas 
> 
> | The service supports no authorisation/authentication and, as of now, has no
> | way of limiting the size of inserted messages. Would it be acceptable if I
> | were to patch the tests to accept connections only from the localhost?
> | (implies a potential risk of a local user attack)
> 
> What are the implications of a user inserting a message?  Test failing
> where it should succeed?  DoS causing the build to fail?  DoS causing
> the disk to fill up?  Local root exploit?  If it's just the build
> failing, I think it's fine.  If it becomes a root exploit, it's
> certainly not.

beanstalkd keeps messages in-memory (non-persistent by default) so one could
potentially force the host to thrash by stuffing big messages (limiting msg
size is considered for future releases).

As for security exploits, isn't that an issue with testing any daemon? I could
patch the scripts to run the deamon as nobody but that would fail under
fakeroot

For now at least I'll upload with testing disabled.

Thanks for the feedback.

-S

-- 
debtags-organised WNPP bugs: http://members.hellug.gr/serzan/wnpp