[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: bindv6only again



On Thu, May 13, 2010 at 05:54:04PM +0200, Tollef Fog Heen wrote:
> ]] Juliusz Chroboczek 
> Because it does not handle non-default values.  This is just like an
> application that didn't handle IFS or PATH being different from its
> default value would be buggy.  If it absolutely needs a given value, it
> should tell the system that.
> 
> | bindv6only=0 is assumed by both POSIX and RFC 3493.
> 
> As the default value, yes.  Not as the only possible value.

POSIX 1003.1-2008 specifies that IPv4 can be used on AF_INET6 sockets
using mapped addresses.  Almost as an afterthought, it specifies the
behavior of IPV6_V6ONLY and the default value of that option as 0.  I
have determined that with net.ipv6.bindv6only=1, mapped addresses do not
function.  Juliusz also points this out.

It may be true that software that does not handle all possible cases of
net.ipv6.bindv6only is buggy.  Nevertheless, the default value is 0.
That means the default value of the supposedly-conforming
implementation (i.e. Debian).  As an implementer of the POSIX
interfaces, Debian is obligated to adopt 0 as the default value in order
to comply with POSIX, no matter how much we dislike it or think it may
be wrong.

Another example: it is widely recognized that using gets(3) is a great
way to add security bugs to a program and that nobody in their right
mind should use it[0].  Nevertheless, for compatibility with C89, C99,
POSIX 2001, and POSIX 2008, we provide this function.

Even ignoring POSIX compatibility, using net.ipv6.bindv6only=1 breaks
things now.  It raises the bar for people to implement basic (if buggy)
IPv6 support in their packages, which has long been a goal of Debian's
(and very soon, a necessity).

I have no problem with non-RC bug reports if people want to use
net.ipv6.bindv6only=1, as long as that's an administrator's decision and
not Debian's.

[0] Theoretically, one could use it safely if stdin is redirected to an
unnamed pipe also opened by the program.  I haven't been able to come up
with other secure ways to use it.

-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Attachment: signature.asc
Description: Digital signature


Reply to: