On Mon, 22 Feb 1999 [EMAIL PROTECTED] wrote:
> > But who is to say that the interface *is* to a remote host or
> > network? Many people running diald with their provider giving
> > dynamic addresses have used things like 127.0.0.2:127.0.0.3 for
> > diald's proxy.
>
> They will have to stop doing this. 127.* addresses are not reserved for fun.

Believe me, I'm not having *fun* with 2.2 :-(.

> > This is another of those undocumented changes. It's a "2.2 breaks
> > my setup" situation which requires you to read the kernel source
> > to find out what is happening. Not funny...
>
> You missed one thing: printk 8)8)

It's a debug level printk. Many people don't log debug messages on
the grounds they are just using it, not debugging it :-). Besides,
the message isn't that illuminating until you look at the code.

> > Is there some good reason why this bloat is there? I mean, if you
> > don't want 127 addresses going out of an interface why not just
> > not route them there? Isn't the fact that a route exists an indication
> > it was wanted???
>
> Yes. If a packet has source 127.*, some apps assume that it is guaranteed
> to be originated by THIS host.

Which for looped slip, ppp, ethertap etc. could well be true. In the
case of diald's proxy, packets are going out, not in, anyway.

> F.e. it is critical for canonical RPC4.0
> secure RPC. Certainly, it is a hole in sunos-4, but it is still not a good
> reason to allow breaking into sunos-4 by an unprivileged Linux user.

I don't get it. How can an unprivileged Linux user add addresses
to interfaces and send out bogus packets anyway? We aren't talking
about running with a 127 addressed interface spewing arbitrary
packets onto your ethernet. Unless a privileged user set a system
up that way - but then that's a privileged user's privilege. There
are a thousand other ways they could screw up. I maintain this is
an implementation of policy over functionality that is not
necessary in the kernel. If anything it should be *documented*!

Mike
--
A train stops at a train station, a bus stops at a bus station.
On my desk I have a work station...
.----------------------------------------------------------------------.
| Mike Jagdis | Internet: mailto:[EMAIL PROTECTED] |
| Roan Technology Ltd. | |
| 54A Peach Street, Wokingham | Telephone: +44 118 989 0403 |
| RG40 1XG, ENGLAND | Fax: +44 118 989 1195 |
`----------------------------------------------------------------------'