[186] in bugtraq
Re: SunOS loses with sending broadcast packets.
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Sun Nov 6 13:18:26 1994
To: bugtraq@fc.net
In-Reply-To: Your message of "Sun, 06 Nov 1994 20:06:14 +1100."
<199411060910.DAA22701@freeside.fc.net>
Reply-To: perry@imsi.com
Date: Sun, 06 Nov 1994 11:55:06 -0500
From: "Perry E. Metzger" <perry@imsi.com>
Darren Reed says:
> In SunOS 4.1.x, the following 4 lines seem to be missing from ip_output():
> if ((flags & IP_ALLOWBROADCAST) == 0) {
> error = EACCES;
> goto bad;
> }
> (in ip_output.c). They're there in 4.3, 4.4...
>
> My educated guess is that they did this so that RPC would work (programs
> such as "rusers" don't appear to do a setsockopt to toggle SO_BROADCAST)
> rather than fix the RPC library (clnt_broadcast doesn't set this option
> in the RPC library I have).
How utterly bogus. If true, this means that yet again, a vendor has
managed to cause a nasty security problem for the sake of
lazyness. Certainly that code is missing and shouldn't be.
> (I'm scared to think what else I've broken!).
yp/NIS is the only major subsystem I can think of that depends on
broadcast, so that might be it.
> p.s. has anyone reported this as a bug to Sun or know if Sun plan on
> doing anything about this problem ?
Dunno, but someone should. Anyone from Sun monitoring this mailing
list?
Perry
