Bugtraq mailing list archives

Re: ping


From: brian () saturn net (Brian Mitchell)
Date: Tue, 23 Jul 1996 04:47:23 -0400


On Tue, 23 Jul 1996, Marek Michalkiewicz wrote:

> Well, not all systems have snprintf :-(.  (It is in reasonably
> current versions of *BSD and Linux libc, but not on many older
> systems.)

Yeah, I know. Makes life a whole lot easier though, doesn't it :-). Even
in Linux, it isn't documented - I had to nm libc to make sure :).


> Anyway, just wondering why the standard version of ping doesn't
> do setuid(getuid()) right after socket(AF_INET, SOCK_RAW, ...).
> No other code should need root privileges.  The version of ping
> supplied with Debian Linux does this, with the added bonus that
> ps shows who is running ping (instead of just showing "root").

It prob didn't bother because ping is so small. You usually think small
programs are safe, and it has not been established that the overflow can
be abused. I thought it could, but I read the code a little too quickly.


> While we are at ping bugs: at least some versions allow flooding
> the network using the -l option as ordinary luser (just specify
> a large number of packets to send quickly).  Again, Debian Linux
> doesn't have this problem, but the original ping-5.9 does.

Unfortunately, that doesn't matter. Anyone who wants to can install netcat
and do cat /dev/zero|nc -u host port if they are intent on denial of
service attacks.

Brian Mitchell                                          brian () saturn net
"I never give them hell. I just tell the truth and they think it's hell"
- H. Truman
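
The privilege drop discussed in this thread, setuid(getuid()) right after socket(AF_INET, SOCK_RAW, ...), as an added C example that is not part of the original post or of any ping source. The helper names drop_privileges and open_icmp_socket_and_drop are hypothetical; the sketch assumes a set-uid root binary on a POSIX system.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently give up set-uid/set-gid privileges. Returns 0 on success. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    /* Group first: after the uid drop we may no longer be allowed to change gid. */
    if (setgid(rgid) != 0) return -1;
    if (setuid(ruid) != 0) return -1;

    /* Confirm the drop cannot be undone when the caller is not really root. */
    if (ruid != 0 && setuid(0) == 0) return -1;
    if (geteuid() != ruid || getegid() != rgid) return -1;
    return 0;
}

/* Returns the raw socket fd, -1 if socket() failed, -2 if the drop failed.
 * Privileges are dropped whether or not the socket could be opened. */
int open_icmp_socket_and_drop(void)
{
    int fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); /* the only step needing root */
    int saved_errno = errno;

    if (drop_privileges() != 0) {
        if (fd >= 0) close(fd);
        return -2;
    }
    errno = saved_errno; /* keep socket()'s error for the caller's perror() */
    return fd;
}

int main(void)
{
    int fd = open_icmp_socket_and_drop();
    if (fd == -2) { fputs("ping: cannot drop privileges\n", stderr); return 2; }
    if (fd < 0) { perror("ping: socket"); return 1; }
    /* Argument parsing and packet handling would run from here, unprivileged. */
    printf("raw socket fd=%d uid=%d euid=%d\n", fd, (int)getuid(), (int)geteuid());
    close(fd);
    return 0;
}
```

Because the drop happens before any argument or packet parsing, a later overflow in that code runs with the invoking user's credentials rather than root's.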
