| To: | "J. M." <snortwiz@xxxxxxxxxxx> |
|---|---|
| Subject: | Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0 on a Li |
| From: | Stephen Hemminger <shemminger@xxxxxxxx> |
| Date: | Thu, 13 May 2004 10:31:39 -0700 |
| Cc: | niv@xxxxxxxxxx, dlstevens@xxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <BAY15-F5TPEFoxcC3U000054055@xxxxxxxxxxx> |
| Organization: | Open Source Development Lab |
| References: | <BAY15-F5TPEFoxcC3U000054055@xxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Thu, 13 May 2004 12:20:34 -0500 "J. M." <snortwiz@xxxxxxxxxxx> wrote: > That's exactly what's happening - a service bound to an interface is > receiving traffic via a different interface. That could pose security risks > on a dual-homed machine (such as the device I pen-tested and discovered this > flaw upon). > > -Jared On Linux, IP addresses are not bound to interfaces. You need to use SO_BINDTODEVICE if that is what you want. The security model is correct, and well defined, just different than BSD derived systems. It does conform to the standards (RFC's). |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0 on a Li, J. M. |
|---|---|
| Next by Date: | Re: MSEC_TO_JIFFIES is messed up..., Paul Wagland |
| Previous by Thread: | Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0 on a Li, J. M. |
| Next by Thread: | Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0 on a Li, Sridhar Samudrala |
| Indexes: | [Date] [Thread] [Top] [All Lists] |