mailing list archives
Re: bind() Security Problems
From: iialan () iifeak swan ac uk (Alan Cox)
Date: Thu, 1 Feb 1996 18:47:48 +0000
Alan didnt like this, so all bind to the same port will
not be allowed in newer kernels. You should be able to easily adapt
this patch or Alan's patch to 1.2.13 without much trouble.
The two things this breaks BTW are "named" and "xntpd". No virtual hosting
server I have tried breaks. The supplied euid test is unsafe because some
programs (older Linux nfsd for example) change uid as they do requests.
I believe the correct solution in fact is to require BOTH sockets set
SO_REUSEADDR to allow the rebind.
abuse Red Hat 2.1 security hole David J Meltzer (Feb 03)
resizecons Red Hat 2.1 security hole David J Meltzer (Feb 03)
Re: bind() Security Problems Casper Dik (Feb 02)
Re: bind() Security Problems Alan Cox (Feb 01)
- passwd command in AIX 4.1.4, (continued)