[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: inetd
From: |
Alain Magloire |
Subject: |
Re: inetd |
Date: |
Mon, 2 Sep 2002 11:29:58 -0400 (EDT) |
>
> On Mon, Sep 02, 2002 at 11:01:17AM -0400, Alain Magloire wrote:
>
> > In inetutils/NEWS:
> > crated as uid 0.
> > ^^^^^^^
> > Typo.
>
> Gotit, thanks.
>
hum .. I made some annoying typos in my comments(rshd.c)
"clent" instead of "client" etc ... My english skills was
less then good.
> > You mean an inetd security bug? If yes do you have a fix?
>
> Nope, the rshd security fix where it would create new files as root
> regardless of who you were connecting as. I looked over Chris'
> comments, and both the glibc manual and two other "programming
> securely" pages seem to agree that the right thing is to just do a
> setuid.
>
> The inetd stuff I want to do is just rewriting it so that it's all
> copyright the FSF. I figured it's an easy place to start.
Ok, but you probably wants a list of features, that the new should/must
supported:
- read compatible/extended inetd.conf(for example openbsd(or one of the *BSD)
has extend
this a little for example binding of specific IP)
- The current inetutils/inetd reads snippets from inetd.d/*, the same thing
that xinetd
does but the snippets are inetd.conf formats. Xinetd uses a different format.
I suppose it could b e possible if the code is modular enough to load
different
type of parsing capabilities.
- xinetd does all sort of filtering a la tcpd, for example:
* restriction on time of access
* restriction on ip address, name, domain etc..
* binding of specific IP
The filtering restriction could probably be in a different lib instead of
bloating
inetd. I think "tcpd" comes with a library.
- inetd, Jeff Bailey, 2002/09/02
- Re: inetd, Jeff Bailey, 2002/09/02
- Re: inetd, Alain Magloire, 2002/09/02
- Message not available
- Re: inetd, Jeff Bailey, 2002/09/02
- Re: inetd,
Alain Magloire <=
- Re: inetd, Richard Dawe, 2002/09/02
- Re: inetd, Alain Magloire, 2002/09/02
- Re: inetd, Jeff Bailey, 2002/09/02
- Re: inetd, Alain Magloire, 2002/09/02
- Message not available
- Re: inetd, Jeff Bailey, 2002/09/02