Re: SO_REUSEADDR redux

Alan Cox (alan@lxorguk.ukuu.org.uk)
Thu, 1 Feb 2001 22:39:37 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Harald Arnesen: "Re: spelling of disc (disk) in /devfs"
Previous message: Mike Harrold: "Re: spelling of disc (disk) in /devfs"
Next in thread: Paul D. Smith: "Re: SO_REUSEADDR redux"
Reply: Paul D. Smith: "Re: SO_REUSEADDR redux"
Reply: David S. Miller: "Re: SO_REUSEADDR redux"
Reply: David S. Miller: "Re: SO_REUSEADDR redux"

> This application uses SO_REUSEADDR in conjunction with INADDR_ANY. What
> it does is bind() to INADDR_ANY, then listen(). Then, it proceeds to
> bind (but _not_ listen) various other specific addresses.

That should be ok if its setting SO_REUSEADDR

> not a security problem: what's really the problem is having two
> _listens_. As long as you're only listening on the one, I don't see how
> connections/packets could be stolen.

UDP.

In fact the classic exploit consisted of binding to port 2049 witha specific
connect address set on UDP and stealing NFS packets..

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Harald Arnesen: "Re: spelling of disc (disk) in /devfs"
Previous message: Mike Harrold: "Re: spelling of disc (disk) in /devfs"
Next in thread: Paul D. Smith: "Re: SO_REUSEADDR redux"
Reply: Paul D. Smith: "Re: SO_REUSEADDR redux"
Reply: David S. Miller: "Re: SO_REUSEADDR redux"
Reply: David S. Miller: "Re: SO_REUSEADDR redux"