Re: [PATCH 2/3] git-daemon: use getnameinfo to resolve hostname

On Wed, Jan 14, 2009 at 11:48:38AM +0100, Jan Engelhardt wrote:

> This is much shorter than inet_ntop'ing, and also translated
> unresolvable addresses into a string.

Er, doesn't this totally change the meaning of REMOTE_ADDR from an IP
address to a hostname? That seems bad because:

  - people already have hooks that compare REMOTE_ADDR against an
    address, so we are breaking their hooks

  - we are losing IP information in favor of hostname information; since
    (I assume) this is primarily intended for IP-based access control,
    we are adding an extra layer of indirection in the middle of our
    security model (i.e., I used to have to spoof an IP to fool your
    hook, but now I can do that _or_ spoof DNS).

So at the very least, you should be adding REMOTE_HOST in _addition_ to
REMOTE_ADDR, not instead of. But that still leaves one final concern,
which is that some git-daemon admins might not want to pay the cost for
a reverse lookup for every request. It's extra network traffic, and adds
extra latency to the process (but I don't personally run git-daemon, and
I don't know whether big sites like kernel.org actually care about
this).

-Peff