On Mon, Jun 18, 2001 at 11:08:49AM -0700, Vineet Kumar wrote:
> The argument below is pretty bad. Have you ever heard of anybody
> actually getting impaled by holding a sword poised at his belly and
> walking into grand central station at 5:00pm going "'scuse me, pardon
> me, 'scuse me, pardon *GGUAGHGH!*"? I sure haven't. So why not do it?
> Our hypothetical late friend didn't need to be doing it, and he
> shouldn't have been doing it.
Huh? You've acknowledged that there may be legitimate uses for the
simple services that you may be ignorant of. I don't think there is any
legitimate gain to be had be running around a crowded area with a blade
against your belly.
> "the standard inetd services including discard, echo, sysstat,
> netstat et al all *have* *had* their known vulnerabilities before now.
> All long-since patched, but that's not to say there won't be another
> tomorrow."
>
Have you looked at their code? I can assure you that there is no
potential for remote exploit in
void
discard_stream(int s, struct servtab *sep)
{
char buffer[BUFSIZE];
setproctitle(sep->se_service, s);
while ((errno = 0, read(s, buffer, sizeof(buffer)) > 0) ||
errno == EINTR)
;
exit(0);
}
Or how 'bout this:
/* Return human-readable time of day */
void
daytime_stream(int s, struct servtab *sep)
{
char buffer[256];
time_t clocc;
(void)sep;
clocc = time(NULL);
snprintf(buffer, sizeof(buffer), "%.24s\r\n", ctime(&clocc));
write(s, buffer, strlen(buffer));
}
These services are so simple that any moderately knowledgeable coder can
ensure that there is no risk to leaving the services turned on.
noah
--
_______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html
PGP signature
