Bugtraq mailing list archives
Re: SunOS loses with sending broadcast packets.
From: perry () imsi com (Perry E. Metzger)
Date: Sun, 06 Nov 1994 11:55:06 -0500
Darren Reed says:
In SunOS 4.1.x, the following 4 lines seem to be missing from ip_output(): if ((flags & IP_ALLOWBROADCAST) == 0) { error = EACCES; goto bad; } (in ip_output.c). They're there in 4.3, 4.4... My educated guess is that they did this so that RPC would work (programs such as "rusers" don't appear to do a setsockopt to toggle SO_BROADCAST) rather than fix the RPC library (clnt_broadcast doesn't set this option in the RPC library I have).
How utterly bogus. If true, this means that yet again, a vendor has managed to cause a nasty security problem for the sake of lazyness. Certainly that code is missing and shouldn't be.
(I'm scared to think what else I've broken!).
yp/NIS is the only major subsystem I can think of that depends on broadcast, so that might be it.
p.s. has anyone reported this as a bug to Sun or know if Sun plan on doing anything about this problem ?
Dunno, but someone should. Anyone from Sun monitoring this mailing list? Perry
Current thread:
- SunOS loses with sending broadcast packets. Darren Reed (Nov 06)
- Re: SunOS loses with sending broadcast packets. Perry E. Metzger (Nov 06)
- Re: SunOS loses with sending broadcast packets. Rens Troost (Nov 06)
- <Possible follow-ups>
- Re: SunOS loses with sending broadcast packets. Mark Graff (Nov 07)
- Re: SunOS loses with sending broadcast packets. Perry E. Metzger (Nov 06)