On Tue, Apr 15, 2008 at 05:56:36PM +0200, Martin Pels wrote:
> On Tue, 15 Apr 2008 17:15:18 +0200
> Rogier Wolff <[EMAIL PROTECTED]> wrote:
>
> > On Tue, Apr 15, 2008 at 04:41:15PM +0200, Martin Pels wrote:
> > > Depending on whether IP_HDRINCL is defined net_preopen() creates an
> > > icmp and udp socket, or a single raw socket.
> > >
> > > If we have two sockets it is trivial to close them in
> > > net_selectsocket(). This is actually what I did in the first
> > > version of the patch I sent you last year (attached for
> > > completeness). If we only have a single raw socket there is nothing
> > > we need to close.
> > >
> > > Closing sockets will inevitably break the GUI "u" command, because
> > > after we drop privileges we cannot open new sockets. So maybe we
> > > should only enable this functionality when raw sockets are
> > > available.
> >
> > OK. Why then was the opening of the sockets delayed to after the
> > parsing of the cmdline? This is the problem: Lots of complicated code
> > which might be exploited. I feel much more comfortable passing one (or
> > two) open sockets down the line towards the rest of the code....
>
> It is not. We open sockets on line 290, drop privileges on line
> 295 and start parsing options and arguments on line 310.
In my version, I see the first executable lines in main to be:
if ( ( net_preopen_result = net_preopen () ) ) {
fprintf( stderr, "mtr: unable to get raw sockets.\n" );
and in your patch I see:
@@ -322,8 +333,21 @@
struct sockaddr_in6 * sa6;
#endif
- /* Get the raw sockets first thing, so we can drop to user euid immediately
*/
+ /* reset the random seed */
+ srand (getpid());
+
+ display_detect(&argc, &argv);
+
+ /* The field options are now in a static array all together,
+ but that requires a run-time initialization. -- REW */
+ init_fld_options ();
+
+ parse_mtr_options (getenv ("MTR_OPTIONS"));
+
+ parse_arg (argc, argv);
+ /* get raw sockets ASAP, so we can drop to user euid immediately *
+ * we need to do this after parsing options, to know the proto */
if ( ( net_preopen_result = net_preopen () ) ) {
fprintf( stderr, "mtr: unable to get raw sockets.\n" );
exit( EXIT_FAILURE );
which I read as: the "parse_arg, display_detect and parse_mtr_options
have been moved to BEFORE opening the sockets and dropping privs.
Roger.
--
** [EMAIL PROTECTED] ** http://www.BitWizard.nl/ ** +31-15-2600998 **
** Delftechpark 26 2628 XH Delft, The Netherlands. KVK: 27239233 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
Q: It doesn't work. A: Look buddy, doesn't work is an ambiguous statement.
Does it sit on the couch all day? Is it unemployed? Please be specific!
Define 'it' and what it isn't doing. --------- Adapted from lxrbot FAQ
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
