Re: Is starting a user program on priv port via inetd dangerous ?

gtoalan-teallach.com

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Resident Hacker: "Re: yes, there's another hole in BIND"
• Previous message: ddzehrtelecom.ksu.edu: "coredumps on setuid programs."
• In reply to: Doug McLaren: "Is starting a user program on priv port via inetd dangerous ?"
• Next in thread: Lord of flying horned octopi: "Re: Is starting a user program on priv port via inetd dangerous ?"

	My question is this: I own /home/dougmc/ircd/ircd, so I can change it
	in any way I want.  Is it possible to alter it in such a way that it
	takes this open fd to port 194 and abuses it, perhaps uses it to spoof
	a rlogin or rsh?

No, but what is theoretically possible is that someone could use ircd
to run arbitrary programs as the irc user.  Even if you run it as a special
user and in a chroot shell, there's a small possibility of abuse... for
instance, say you run nntpd and have some private local groups you don't
want exported, then if someone ran a proxy nntp port bouncer, they could
access your local groups because the call would appear to be from a local
user rather than the real remote host.

However, if the rest of your system is set up properly, what you suggest
above is no more dangerous than giving strangers a guest shell.  If you
allow outsiders on your machine anyway, it shouldn't be a problem.  If
you think your machine is only ever used by trusted insiders, it could
be a problem.

G

• Next message: Resident Hacker: "Re: yes, there's another hole in BIND"
• Previous message: ddzehrtelecom.ksu.edu: "coredumps on setuid programs."
• In reply to: Doug McLaren: "Is starting a user program on priv port via inetd dangerous ?"
• Next in thread: Lord of flying horned octopi: "Re: Is starting a user program on priv port via inetd dangerous ?"