Bugtraq mailing list archives
TCPwrappers race condition
From: shadows () whitefang com (Thamer Al-Herbish)
Date: Sun, 28 Sep 1997 16:35:34 +0000
I havent seen much discussion about this in the past on any forum. I thought I'd bring up the issue. Although I have seen alot of questions related to it, go unanswered. TCPwrappers do a getpeername() after bieng passed the socket descriptor from inetd. On some OSs this can cause a problem, atleast on SCO. It seems that if you connect real fast, and disconnect (just connect() then exit()). It winds up logging "unknown" as the hostname. This is because by the time tcpwrappers get to make that call the OS has already gotten a FIN and closed off the connection. I verfied this with a sniffer. Unfortunately this is a design issue, TCPwrappers "cant" be fixed to do this without modification to inetd. If the address from accept() was given to the tcpwrapper via an environment variable this would fix the problem and eliminate the race condition. Mind you tcpserver/tcpcontrol by Dan Bernstein already does the environment variable passing. -- Thamer Al-Herbish shadows () whitefang com
Current thread:
- IE4 and channels Alan Cox (Oct 02)
- TCPwrappers race condition Thamer Al-Herbish (Sep 28)
- Re: TCPwrappers race condition Nicolai E M Plum (Oct 03)
- Re: TCPwrappers race condition Wietse Venema (Oct 03)
- Re: TCPwrappers race condition John W. Temples (Oct 03)
- Re: TCPwrappers race condition Wietse Venema (Oct 03)
- Majordomo 1.94.4 released -- SECURITY FIXES Aleph One (Oct 03)
- web.sql vulnerability Aleph One (Oct 03)
- TCPwrappers race condition Thamer Al-Herbish (Sep 28)
- IE4 and channels Jon Cargille (Oct 02)
- <Possible follow-ups>
- Re: IE4 and channels Phillip Hallam-Baker (Oct 02)