lists.arthurdejong.org
RSS feed

Re: pid formatted incorrectly in debug message (wrong printf format?)

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: pid formatted incorrectly in debug message (wrong printf format?)



On Mon, 2018-09-10 at 10:00 +0100, Norman Gray wrote:
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231234
> 
> In case it's useful, I'll report here that the FreeBSD port
> maintainer suggested a way of getting PID information from a
> socket. Looking at it, though, I suspect that particular mechanism
> might require two cooperating processes, rather than allowing nslcd
> to detect the PID of an arbitrary process connecting to the socket.

Yes. The SCM_CREDS mechanism seems a bit strange to me. The sending
party sends this control message and the system fills in the correct
values.

The problem is that once you accept SCM_CREDS messages you must also
accept SCM_RIGHTS messages and ensure that all file descriptors passend
there are correctly closed (because otherwise it would be very easy to
perform a DoS attack on nslcd by overloading it with file descriptors).

If someone is willing to make patches for this, I'll be more than happy
to review and merge them.

Kind regards,

-- 
-- arthur - arthur@arthurdejong.org - https://arthurdejong.org/ --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/nss-pam-ldapd-users/