diff options
| author | Neil Brown <neilb@suse.de> | 2007-03-15 15:38:35 +1100 |
|---|---|---|
| committer | Neil Brown <neilb@suse.de> | 2007-03-15 15:38:35 +1100 |
| commit | dad50c0e589b5651242de50e81200b036d995b73 (patch) | |
| tree | 9bf2a9ffe6a364a426519a4657b545549c8e1f95 /utils/statd/monitor.c | |
| parent | c40336aa88c7a914227cc751118e165e985c2b78 (diff) | |
| download | nfs-utils-dad50c0e589b5651242de50e81200b036d995b73.tar.gz nfs-utils-dad50c0e589b5651242de50e81200b036d995b73.tar.xz nfs-utils-dad50c0e589b5651242de50e81200b036d995b73.zip | |
Make --enable-secure-statd the default.
i.e. you now need --disable-secure-statd if you want any client
other than lockd to talk to statd.
Also relax the RESTRICTED_STATD checks so that a recent kernel
with /proc/sys/fs/nfs/nsm_use_hostnames set can still talk to
statd.
Finally, restrict access to simulate_crash so that only privileged
processes on localhost can call it. Having it accessible by the
whole world is probably not much more than a minor inconvenience,
but it really should be kept closed.
Diffstat (limited to 'utils/statd/monitor.c')
| -rw-r--r-- | utils/statd/monitor.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/utils/statd/monitor.c b/utils/statd/monitor.c index 98cbf4a..8ee0441 100644 --- a/utils/statd/monitor.c +++ b/utils/statd/monitor.c @@ -42,7 +42,7 @@ sm_mon_1_svc(struct mon *argp, struct svc_req *rqstp) notify_list *clnt; struct in_addr my_addr; #ifdef RESTRICTED_STATD - struct in_addr mon_addr, caller; + struct in_addr caller; #else struct hostent *hostinfo = NULL; #endif @@ -87,6 +87,11 @@ sm_mon_1_svc(struct mon *argp, struct svc_req *rqstp) goto failure; } +#if 0 + This is not usable anymore. Linux-kernel can be configured to use + host names with NSM so that multi-homed hosts are handled properly. + NeilBrown 15mar2007 + /* 3. mon_name must be an address in dotted quad. * Again, specific to the linux kernel lockd. */ @@ -96,22 +101,25 @@ sm_mon_1_svc(struct mon *argp, struct svc_req *rqstp) mon_name); goto failure; } -#else +#endif +#endif /* * Check hostnames. If I can't look them up, I won't monitor. This * might not be legal, but it adds a little bit of safety and sanity. */ /* must check for /'s in hostname! See CERT's CA-96.09 for details. */ - if (strchr(mon_name, '/')) { - note(N_CRIT, "SM_MON request for hostname containing '/': %s", - mon_name); + if (strchr(mon_name, '/') || mon_name[0] == '.') { + note(N_CRIT, "SM_MON request for hostname containing '/' " + "or starting '.': %s", mon_name); note(N_CRIT, "POSSIBLE SPOOF/ATTACK ATTEMPT!"); goto failure; } else if (gethostbyname(mon_name) == NULL) { note(N_WARNING, "gethostbyname error for %s", mon_name); goto failure; - } else if (!(hostinfo = gethostbyname(my_name))) { + } +#ifndef RESTRICTED_STATD + if (!(hostinfo = gethostbyname(my_name))) { note(N_WARNING, "gethostbyname error for %s", my_name); goto failure; } else |