On Tue, 15 Apr 2008 17:15:18 +0200 Rogier Wolff <[EMAIL PROTECTED]> wrote:
> On Tue, Apr 15, 2008 at 04:41:15PM +0200, Martin Pels wrote: > > Depending on whether IP_HDRINCL is defined net_preopen() creates an > > icmp and udp socket, or a single raw socket. > > > > If we have two sockets it is trivial to close them in > > net_selectsocket(). This is actually what I did in the first > > version of the patch I sent you last year (attached for > > completeness). If we only have a single raw socket there is nothing > > we need to close. > > > > Closing sockets will inevitably break the GUI "u" command, because > > after we drop privileges we cannot open new sockets. So maybe we > > should only enable this functionality when raw sockets are > > available. > > OK. Why then was the opening of the sockets delayed to after the > parsing of the cmdline? This is the problem: Lots of complicated code > which might be exploited. I feel much more comfortable passing one (or > two) open sockets down the line towards the rest of the code.... It is not. We open sockets on line 290, drop privileges on line 295 and start parsing options and arguments on line 310. Regards, Martin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
