[22558] in Athena Bugs
zephyrd accepts HM_BOOT from any port
daemon@ATHENA.MIT.EDU (Derek Atkins)
Thu Jun 19 13:50:14 2003
To: bugs@MIT.EDU
From: Derek Atkins <warlord@MIT.EDU>
Date: 19 Jun 2003 13:49:53 -0400
Message-ID: <sjmof0uj6ta.fsf@kikki.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
What happened:
I've got an athena machine running in vmware behind a "VMWare NAT"
on my Linux-Athena laptop. I'm running zephyr on the main (host)
system. However, whenever I boot the vmware machine,
I lose subs. Indeed, if I "HUP" the zhm in the vmware machine
I lose subs. It appears that zephyrd is accepting the zhm
control message even if it doesn't come from the zhm port, and
it's cancelling out ALL zhms at that IP Address (rather than
just the IP:port combo). This seems like a real lose.
What should have happened:
zephyrd should not confuse [myip]:210x with [myip]:13452 when
flushing subscriptions. If nothing else this is a major DoS
problem if I can forge a boot message and cause random lossage
of subs.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available
