Re: To the bind maintainer
On Tue, 25 Jan 2000 16:34:43 +0100, Paul Slootman wrote:
>Every time I'm reminded of bind attaching itself to each interface
>explicitly, I wonder why it does that (and doesn't simply bind to
>0.0.0.0). _Is_ there a valid reason?
Yes,
security.
http://rootshell.com/archive-j457nxiqi3gq59dv/199707/bindExploit.txt.htm
l
"On most systems, a combination of setting the SO_REUSEADDR
socket option, and a call to bind() allows any process to bind to
a port to which a previous process has bound width INADDR_ANY."
Now, I understand the Linux kernel has code to prevent this (?), but
the
Bind nameserver runs on a lot of different systems.
Reply to: