Re: [patch] af_unix fix for a panic a DoS and a memory leak [Re:

Alan Cox (alan@lxorguk.ukuu.org.uk)
Wed, 3 Mar 1999 01:47:27 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Oliver Xymoron: "Re: [patch] PIII/Katmai & FXSAVE support, disable serial-#, 2.2.2"
Previous message: Alan Cox: "Re: Still fs corruption with bttv?"

> * accept() doesn't return closed connections.
> * unp_gc() (their equivalent of unix_gc()) ignores listen queues
> * ... and is horribly bad in performance
> * connect() behaves as our one does.
> * unless they have a limit on amount of unp (== unix_socket)
> somewhere else they are vulnerable to Andrea's DoS.
> OpenBSD security logs:
> They've recently found a select()/accept() race (Feb 17). And
> fixed it. We were lucky here. Their fix seems to be still vulnerable to
> Andrea's DoS (modulo independent enforcement of unp limit). unp_gc()
> ignores listen queues (inherited from 4.4BSD).

The irony of this one is - Richard Steven's told them about most of these
problems when he wrote TCP Illustrated vol III.

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oliver Xymoron: "Re: [patch] PIII/Katmai & FXSAVE support, disable serial-#, 2.2.2"
Previous message: Alan Cox: "Re: Still fs corruption with bttv?"