[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(usagi-users 00299) Re: USAGI IPv6 patches
In article <20010316164611.A17490@xxxxxxxxxxxxxxxxxxxxxxxxxx> (at Fri, 16 Mar 2001 16:46:11 -0300), horape@xxxxxxxxxxxxxxxxxxxxxxxxxx says:
> > > Attached is a patch adapted from USAGI that let us to bind different sockets
> > > to the same port but different IP versions.
>
> > I do not see uid check code in the patch...
>
> I tried to add the least code possible...
>
> > Allowing listening on one port even without such weak check is hard bug.
>
> USAGI has the check (with an ifdef), i'll add it and resend the patch to you.
No, we don't. It is for SO_REUSEADDR.
This prevents users from "narrow binding" DoS.
BTW, I saw Alexey's point some time ago and askd it users@xxxxxxxxxxx,
but I could not convince them (including itojun :-)).
I am (still) considering...
--
Hideaki YOSHIFUJI @ USAGI Project <yoshfuji@xxxxxxxxxxxxxx>
PGP5i FP: F731 6599 5EB2 BBA7 1515 1323 1806 A96F 5700 6B25