[nfs-utils] [PATCH 0/3] rpc.mountd: fix some vulnerabilities

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

I'm sending a small set of 3 patches for a problem, that I have
reported a few weeks ago.
rpc.mountd can be blocked by a bad client, that sends lots of
RPC requests, but never reads the replies from the socket either
intentionally or e.g. caused by a wrong configured MTU.

While looking for a possible solution, I found another weakness
in rpc.mountd if it is used "multithreaded" (-t nn).

The first two patches fix that weakness in the case of !HAVE_LIBTIRPC
and HAVE_LIBTIRPC.
The third patch more a kind of suggestion how the main problem could
be fixed. I don't know whether we can set MAXREC without causing
new troubles. When this patch is used, a  further patch for libtirpc
also should be used. You can find it here:
    http://sourceforge.net/p/libtirpc/mailman/libtirpc-devel/?viewmonth=201409

Best regards,
Bodo
ÿôèº{.nÇ+?·?®?­?+%?Ëÿ±éݶ¥?wÿº{.nÇ+?·¥?{±þwìþ)í?æèw*jg¬±¨¶????Ý¢jÿ¾«þG«?éÿ¢¸¢·¦j:+v?¨?wèjØm¶?ÿþø¯ù®w¥þ?àþf£¢·h??â?úÿ?Ù¥





[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux