Bug#514303: boinc-client: by default BOINC binds to all network adaptors

2009-02-10 Thread Sheridan Hutchinson
2009/2/10 René Mayorga rmayo...@debian.org:
> tags 514303 + upstream
> forwarded 514303 http://boinc.berkeley.edu/trac/ticket/573
> thanks

Hello René,

I have been upstream to check out that ticket.

What I cannot understand is that the Windows version of BOINC does in
fact bind just to the localhost and not network adaptors by default.
I have no idea why this needs to be different between OS's.

Given that upstream has already commented I have decided to remove the
Linux version of BOINC from all my machines, so I recommend closing
this bug report.

Thank you for your timely efforts, it's a pleasure to deal with a
responsive developer.

--
Regards,
Sheridan Hutchinson
sheri...@shezza.org



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



Bug#514303: boinc-client: by default BOINC binds to all network adaptors

2009-02-09 Thread René Mayorga
tags 514303 + upstream
forwarded 514303 http://boinc.berkeley.edu/trac/ticket/573
thanks

Hi Sheridan,
And thanks for your bug report.

On Fri, Feb 06, 2009 at 02:48:23AM +, Sheridan Hutchinson wrote:
 
> Rather disturbingly, BOINC binds to all network adaptors rather than just
> localhost, despite the allow_remote_gui_rpc setting not being set.

Indeed, it is kind of an ugly default behaviour, and if you check the
Checkin_notes from 2005, you see that rather than being a bug for upstream,
this was a _bug fix_:

> Rom    13 April 2005
> - Bug Fix: Re-enable INADDR_ANY for the *nix platforms since they cannot
>   seem to connect through the loopback adapter.


However, I was looking over upstream bug reports, and this feature was already
requested[0] a few months ago.

> If I can be of any further assistance then please don't hesitate to let me
> know.

Sure!

[0] http://boinc.berkeley.edu/trac/ticket/573

Cheers
-- 
Rene Mauricio Mayorga   |  jabber: rmayo...@jabber.org
http://rmayorga.org |  
--
08B6 58AB A691 DD56 C30B  8D37 8040 19FA A209 C305




Bug#514303: boinc-client: by default BOINC binds to all network adaptors

2009-02-05 Thread Sheridan Hutchinson
Package: boinc-client
Version: 6.2.14-3
Severity: normal

Rather disturbingly, BOINC binds to all network adaptors rather than just
localhost, despite the allow_remote_gui_rpc setting not being set.

As an end-user, I would have expected just for it to bind to the localhost for
availability for the boinc-manager.

While there is not an explicit security issue here, because no hosts/IPs are
listed in the remote authorisation file, there is an implicit one, and that is
if there is ever a buffer overflow against boinc then it's possible that it
is going to be exploited by other people.

Netstat output:
tcp        0      0 0.0.0.0:31416           0.0.0.0:*               LISTEN      20006/boinc
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      3126/cupsd

You can see where cupsd for example has bound locally and boinc has bound 
globally.

If I can be of any further assistance then please don't hesitate to let me
know.

-- Package-specific info:
-- Contents of /etc/default/boinc-client:
# This file is /etc/default/boinc-client, it is a configuration file for the
# /etc/init.d/boinc-client init script.

# Set this to 1 to enable and to 0 to disable the init script.
ENABLED=1

# Set this to 1 to enable advanced scheduling of the BOINC core client and
# all its sub-processes (reduces the impact of BOINC on the system's
# performance).
SCHEDULE=1

# The BOINC core client will be started with the permissions of this user.
BOINC_USER=boinc

# This is the data directory of the BOINC core client.
BOINC_DIR=/var/lib/boinc-client

# This is the location of the BOINC core client, that the init script uses.
# If you do not want to use the client program provided by the boinc-client
# package, you can specify here an alternative client program.
#BOINC_CLIENT=/usr/local/bin/boinc
BOINC_CLIENT=/usr/bin/boinc

# Here you can specify additional options to pass to the BOINC core client.
# Type 'boinc --help' or 'man boinc' for a full summary of allowed options.
#BOINC_OPTS=--allow_remote_gui_rpc
BOINC_OPTS=

-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages boinc-client depends on:
ii  adduser                3.110              add and remove users and groups
ii  ca-certificates        20080809           Common CA certificates
ii  debconf [debconf-2.0]  1.5.24             Debian configuration management sy
ii  libc6                  2.7-18             GNU C Library: Shared libraries
ii  libcurl3               7.18.2-8           Multi-protocol file transfer libra
ii  libssl0.9.8            0.9.8g-15          SSL shared libraries
ii  libstdc++6             4.3.2-1.1          The GNU Standard C++ Library v3
ii  lsb-base               3.2-20             Linux Standard Base 3.2 init scrip
ii  python                 2.5.2-3            An interactive high-level object-o
ii  zlib1g                 1:1.2.3.3.dfsg-12  compression library - runtime

boinc-client recommends no packages.

Versions of packages boinc-client suggests:
pn  boinc-app-seti         none               (no description available)
ii  boinc-manager          6.2.14-3           GUI to control and monitor the BOI
pn  schedtool              none               (no description available)

-- debconf information excluded



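Added example (not part of the original thread and not BOINC or Debian code): a small audit of `netstat -tlnp` output that flags daemons expected to be loopback-only but listening on the wildcard address, as boinc does in the report above. It assumes the numeric Linux net-tools format; the function names, the `expected_local` set and the sshd/exim4 sample rows are made up for illustration.

```python
import ipaddress

# Constructed sample: the first two rows mirror the listeners quoted in the
# bug report, the tcp6 rows are invented to exercise IPv6 parsing.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:31416           0.0.0.0:*               LISTEN      20006/boinc
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      3126/cupsd
tcp6       0      0 :::22                   :::*                    LISTEN      2210/sshd
tcp6       0      0 ::1:25                  :::*                    LISTEN      2507/exim4
"""

def parse_listeners(netstat_text):
    """Yield (address, port, program) for every TCP socket in LISTEN state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue  # header line, UDP socket, or established connection
        # Split on the last colon so IPv6 addresses such as "::1" stay intact.
        host, _, port = fields[3].rpartition(":")
        try:
            address = ipaddress.ip_address(host)
        except ValueError:
            continue  # non-numeric host (output produced without -n)
        # The program column is "-" when netstat lacks privileges to read it.
        program = (fields[6].partition("/")[2] if len(fields) > 6 else "") or "?"
        yield address, int(port), program

def exposure(address):
    """Classify a bind address by how widely the listener is reachable."""
    if address.is_unspecified:   # 0.0.0.0 or ::, i.e. INADDR_ANY
        return "all-interfaces"
    if address.is_loopback:      # 127.0.0.0/8 or ::1
        return "loopback-only"
    return "single-interface"

def audit(netstat_text, expected_local=("boinc", "cupsd")):
    """Return (program, port, address, scope) for local-only daemons that are exposed."""
    return [(program, port, str(address), exposure(address))
            for address, port, program in parse_listeners(netstat_text)
            if program in expected_local and exposure(address) != "loopback-only"]

if __name__ == "__main__":
    for finding in audit(SAMPLE_NETSTAT):
        print("exposed listener: %s port %d bound to %s (%s)" % finding)
```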