re: CVS commit: src/libexec/rshd

To: christos%netbsd.org@localhost
Subject: re: CVS commit: src/libexec/rshd
From: matthew green <mrg%eterna.com.au@localhost>
Date: Wed, 09 Mar 2005 14:14:22 +1100

   
   Module Name: src
   Committed By:        christos
   Date:                Tue Mar  8 04:35:19 UTC 2005
   
   Modified Files:
        src/libexec/rshd: rshd.c
   
   Log Message:
   Avoid source routing ip options. Described in:
   http://www.citi.umich.edu/u/provos/papers/secnet-spoof.txt


should we do this in rlogind, rexecd, etc?  also in tcp wrappers as
it may be that tcp wrappers already strips options but leaves the
connection enabled before passing to rshd and rshd won't see that
the connection originally had them enabled.  (this is meantioned
in the above url as well..)

bsdi patched nfsd as well i see...


.mrg.

Follow-Ups:
- re: CVS commit: src/libexec/rshd
  - From: Christos Zoulas

References:
- CVS commit: src/libexec/rshd
  - From: Christos Zoulas

Prev by Date: CVS commit: src
Next by Date: re: CVS commit: src/libexec/rshd
Previous by Thread: CVS commit: src/libexec/rshd
Next by Thread: re: CVS commit: src/libexec/rshd
Indexes:

Home | Main Index | Thread Index | Old Index