I am in the process of making syslogd more protocol independent (IPv4 & IPv6). 
I am just about ready to add a privileged function for getnameinfo, but what I
do not understand is why the DNS lookups are privilege separated.  I do
understand the security piece talked about in the getnameinfo(3) man page.  And
I have read through the CVS comments.

I understand the socketpair must_read's and must_write's.  But before I
finalize anything, I want to make sure I understand the security assumptions. 
Can someone fill me in?

I am using getaddrinfo and binding two sockets: udp and udp6 per inet6.  I have
modified cvthname to handle IPv4 and IPv6 (passing in a struct sockaddr_storage
and using inet_pton), save for the hostname lookup since I need to call a
privileged function for getnameinfo instead of gethostbyaddr (which is only
IPv4).

I still have some additional IPv4 only stuff that I need to clean up.  And I
need to clean up the code I did write.  And I need to verify that the current
pipe stuff can be removed as well since the code looks to only use the
socketpairs.  Finally, I need to test it.

Thanks,

brian