[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rlinetd security



On Mon, Jun 18, 2001 at 11:08:49AM -0700, Vineet Kumar wrote:
> The argument below is pretty bad. Have you ever heard of anybody
> actually getting impaled by holding a sword poised at his belly and
> walking into grand central station at 5:00pm going "'scuse me, pardon
> me, 'scuse me, pardon *GGUAGHGH!*"? I sure haven't. So why not do it?
> Our hypothetical late friend didn't need to be doing it, and he
> shouldn't have been doing it. 

Huh?  You've acknowledged that there may be legitimate uses for the
simple services that you may be ignorant of.  I don't think there is any
legitimate gain to be had be running around a crowded area with a blade
against your belly.

> "the standard inetd services including discard, echo, sysstat,
> netstat et al all *have* *had* their known vulnerabilities before now.
> All long-since patched, but that's not to say there won't be another
> tomorrow."
> 

Have you looked at their code?  I can assure you that there is no
potential for remote exploit in 
void
discard_stream(int s, struct servtab *sep)
{
        char buffer[BUFSIZE];

        setproctitle(sep->se_service, s);
        while ((errno = 0, read(s, buffer, sizeof(buffer)) > 0) ||
                        errno == EINTR)
                ;
        exit(0);
}

Or how 'bout this:
/* Return human-readable time of day */
void
daytime_stream(int s, struct servtab *sep)
{
        char buffer[256];
        time_t clocc;

        (void)sep;

        clocc = time(NULL);
        snprintf(buffer, sizeof(buffer), "%.24s\r\n", ctime(&clocc));
        write(s, buffer, strlen(buffer));
}

These services are so simple that any moderately knowledgeable coder can
ensure that there is no risk to leaving the services turned on.

noah

-- 
 _______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html 

Attachment: pgpla0XPV4FWO.pgp
Description: PGP signature


Reply to: