Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race

From: Alan Cox (alanat_private)
Date: Sat Jan 23 1999 - 16:40:33 PST

Next message: KuRuPTioN: "SSH 1.x and 2.x Daemon"

Previous message: Eric: "CERT Advisory CA-99.01 - TCP Wrappers Trojan Horse (fwd)"
Maybe in reply to: D. J. Bernstein: "NetBSD Security Advisory 1999-001: select(2)/accept(2) race"
Next in thread: Casper Dik: "Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> 2) Modify the kernel to not remove sockets from the accept(2) queue
>    when they are closed.  A change that implements this has been added
>    to NetBSD-current, and is available at:
>        ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/19990120-accept
>

This method works well btw. Linux has always done this, (by happy chance). Im
_amazed_ this bug exists. It was documented/abused/used/fixed in so many
different places at different times even back in 1990/1991 or so

Alan

Next message: KuRuPTioN: "SSH 1.x and 2.x Daemon"
Previous message: Eric: "CERT Advisory CA-99.01 - TCP Wrappers Trojan Horse (fwd)"
Maybe in reply to: D. J. Bernstein: "NetBSD Security Advisory 1999-001: select(2)/accept(2) race"
Next in thread: Casper Dik: "Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:30:00 PDT