From: Alan Cox (
Date: Thu Feb 01 2001 - 17:39:37 EST

> This application uses SO_REUSEADDR in conjunction with INADDR_ANY. What
> it does is bind() to INADDR_ANY, then listen(). Then, it proceeds to
> bind (but _not_ listen) various other specific addresses.

That should be ok if its setting SO_REUSEADDR

> not a security problem: what's really the problem is having two
> _listens_. As long as you're only listening on the one, I don't see how
> connections/packets could be stolen.


In fact the classic exploit consisted of binding to port 2049 witha specific
connect address set on UDP and stealing NFS packets..

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at

This archive was generated by hypermail 2b29 : Wed Feb 07 2001 - 21:00:14 EST