Re: vhost

Jim Dennis (jimd@STARSHINE.ORG)
Fri, 02 Jan 1998 02:58:28 -0800

> Hello,
>
> Well, this problem is too simple, so I'm not even sure it's worth posting,
> but here it is anyway. This applies to vhost v0.4, available at:
> ftp://ftp.solucorp.qc.ca/pub/linuxconf/devel/vhost-0.4.tar.gz

...<elided>...

> Below is a quick and dirty patch that fixes the above problems. The real
> fix would be re-coding, since the whole thing (which is only 4 Kb of C
> source) looks quite broken. For example, it updates password files with
> no locking, while there can be multiple connections at a time.

I think "the real fix" would be to use the features that are
already in tcpd. I had an e-mail conversation with Wietse
Venema last year in which he pointed out that TCP Wrappers
can do virtual hosting.

Here's a sample /etc/hosts.allow that enables a sample
virtual service:

# hosts.allow
in.telnetd@127.0.0.2 : ALL : twist /bin/echo "Go away"

(I set this up just for testing access from localhost.)

All I had to do to test this was issue the following
commands:

> ifconfig lo:1 127.0.0.2 up
> telnet 127.0.0.2

(This assumes you have the PROCESS_OPTIONS compile-time
option defined in TCP Wrappers -- and, of course, you have
TCP Wrappers installed in inetd.conf).

It was actually mildly embarrassing to me at the time --
since I had copied him on a message posted to "The Answer Guy"
-- noting this as an enhancement request. So he was
pointing out that I simply hadn't read the man pages
carefully enough (it's in hosts_options(5)).

Another option would be to add support for libwrap into
vhost and link it in. However, it sounds like vhost's
code would have to be cleaned up considerably -- and it
probably would be a major duplication of effort. You can
already call chrootuid (another program by Wietse) in
your 'twist' directive.

Perhaps the authors of vhost should seriously consider
reviewing the tcpd code and asking themselves what benefits
will accrue from continued effort in that. If they are
going to continue their work I'd point them at Matt Bishop's
web pages where he has published safer versions of system(),
popen() and a library called 'trustfile'.

His web pages are at:

http://olympus.cs.ucdavis.edu/~bishop/

In particular he has a paper on "Writing Safe Setuid Programs"
at:
http://olympus.cs.ucdavis.edu/~bishop/secprog.html

Wietse's work can usually be found at:

ftp.win.tue.nl:/pub/security

(though that seems to be refusing connections at the moment).

I've never found a web site for him.

--
Jim Dennis  (800) 938-4078              consulting@starshine.org
Proprietor, Starshine Technical Services:  http://www.starshine.org
        PGP  1024/2ABF03B1 Jim Dennis <jim@starshine.org>
        Key fingerprint =  2524E3FEF0922A84  A27BDEDB38EBB95A
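
An added example, not part of the original message: a hosts.allow that extends the one-line test rule above to two virtual FTP services, each handed to chrootuid by 'twist'. The addresses, directories, account names and the chrootuid install path are constructed placeholders, and PROCESS_OPTIONS is assumed as in the message.

```conf
# /etc/hosts.allow: constructed example; needs tcpd built with PROCESS_OPTIONS
# (syntax: hosts_access(5), hosts_options(5)).
#
# Assumed inetd.conf entry, so that the daemon name seen by tcpd is in.ftpd:
#   ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd
#
# Addresses (192.0.2.x), directories and accounts below are placeholders.

# Rules are read top to bottom and the search stops at the first match.
# daemon@address matches on the local address the client connected to.
# chrootuid <newroot> <newuser> <command>: the command path is resolved
# inside the new root, so each tree needs its own copy of the daemon.
in.ftpd@192.0.2.10 : ALL : twist /usr/local/bin/chrootuid /home/vhost/a ftpa /bin/in.ftpd
in.ftpd@192.0.2.11 : ALL : twist /usr/local/bin/chrootuid /home/vhost/b ftpb /bin/in.ftpd

# Connections to any other local address get no service, instead of
# falling through to hosts.deny and then to the default of access granted.
in.ftpd : ALL : deny
```

The final rule matters because a connection that matches no virtual address would otherwise reach the real daemon with no chroot and no per-host account.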