Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice)

[alan () LXORGUK UKUU ORG UK (Alan Cox)]

> This attack is specific to LINUX. On UNIX systems with a BSD TCP/IP
> protocol stack, the accept() call does not return until the three-way
> handshake completes.
>
> Please do not blame Sendmail for every problem in the world.

The fact the sendmail people have been aware of this for over 2 years
and refused to consider putting a Linux case in for existing Linux
installations speaks volumes however. And yes Linux 2.1.x matches
BSD behaviour here.

Alan, still waiting for POSIX to finish standardising the socket API.