[730] in linux-security and linux-alert archive
[linux-security] SO_REUSEADDR
daemon@ATHENA.MIT.EDU (Sam Mortimer)
Sun May 19 13:09:53 1996
Date: Sat, 18 May 1996 20:10:55 +0100 (BST)
From: Sam Mortimer <csxsjm@scs.leeds.ac.uk>
To: linux-security@tarsier.cv.nrao.edu
cc: unfsd@monad.swb.de
Doesn't rpc.nfsd want _NOT_ to set SO_REUSEADDR to stop users on
the server from running their own nfs server and thereby effectively
gaining root on all client machines?
eg. At home, if I start the nfs server as root and mount something
(anything), then as any non-root user I can start my own nfsd which has
been modified so getattr() checks pathnames for the substring "xyz" and if
it exists returns attrs with the owner of the file set to root.....etc.
Is there a *good* reason why nfsd sets SO_REUSEADDR, or is it just
so that it can be debugged more easily?
-Sam.
PS Read the thread titled `bind() Security Problems' in the Feb '96
linux-security archives for background information.
