[CF-Devel] CVS nov28
Todd Mitchell
temitchell at sympatico.ca
Thu Nov 28 20:03:30 CST 2002
Turned out to be a permission thing and my own stupidity.
Thanks for the pointer.
----- Original Message -----
From: "Tim Rightnour" <
root at garbled.net
>
To: <
crossfire-devel at lists.real-time.com
>
Sent: Thursday, November 28, 2002 2:45 AM
Subject: RE: [CF-Devel] CVS nov28
>
>
On 28-Nov-02 Todd Mitchell wrote:
>
> any ideas? Build looks normal to my untrained eye, I ran it a few
times
>
> through to see if I had missed something.
>
>
I see this on NetBSD all the time. usually I have to wait 1-2 minutes for
the
>
old sockets to close out. Unfortunately, CF uses SO_REUSEPORT.. which in
>
netbsd:
>
bind(2):
>
SECURITY CONSIDERATIONS
>
bind() was changed in NetBSD 1.4 to prevent the binding of a socket
to
>
the same port as an existing socket when all of the following is
true:
>
o either of the existing or new addresses is INADDR_ANY,
>
o the uid of the new socket is not root, and the uids of the
cre-
>
ators of the sockets are different,
>
o the address is not a multicast address, and
>
o both sockets are not bound to INADDR_ANY with SO_REUSEPORT
set.
>
>
This prevents an attack where a user could bind to a port with the
host's
>
IP address (after setting SO_REUSEADDR) and `steal' packets destined
for
>
a server that bound to the same port with INADDR_ANY.
>
>
Perhaps other OS's have done the same more recently?
>
>
---
>
Tim Rightnour <
root at garbled.net
>
>
NetBSD: Free multi-architecture OS
http://www.netbsd.org/
>
NetBSD supported hardware database:
http://mail-index.netbsd.org/cgi-bin/hw.cgi
>
_______________________________________________
>
crossfire-devel mailing list
>
crossfire-devel at lists.real-time.com
>
https://mailman.real-time.com/mailman/listinfo/crossfire-devel
>
More information about the crossfire
mailing list