lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <AANLkTikR_gCHbb0P7_QiG86egoV2bVOwhS5Sj-T4Yz-a@mail.gmail.com>
Date:	Fri, 28 May 2010 16:00:06 -0600
From:	Jeffrey Merkey <jeffmerkey@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: Fwd: Question about SIOCGIFCONF

---------- Forwarded message ----------
From: Jeffrey Merkey <jeffmerkey@...il.com>
Date: Fri, May 28, 2010 at 3:57 PM
Subject: Re: Question about SIOCGIFCONF
To: Eric Dumazet <eric.dumazet@...il.com>


Not a bad suggestion, however, redhat and all the major distros still
use ifconfig.   Do you think this should be fixed or is it a
non-issue?

Jeff

On Fri, May 28, 2010 at 2:06 PM, Eric Dumazet <eric.dumazet@...il.com> wrote:
> Le vendredi 28 mai 2010 à 13:05 -0600, Jeffrey Merkey a écrit :
>> The code in question is net-tools/lib/interface.c function
>> if_readproc() and associated routines.  Looks like a hole.
>>
>> Jeff
>>
>> On Fri, May 28, 2010 at 1:02 PM, Jeffrey Merkey <jeffmerkey@...il.com> wrote:
>> > Review of the net-tools source code for IFCONFIG indicates that when
>> > /proc is not loaded and/or /proc/net/dev is not available, IFCONFIG
>> > will attempt to use this ioctl to determine which interfaces are
>> > present in the system.  Since the ioctl will not report unbound
>> > interfaces which are active, IFCONFIG will not properly report or
>> > detect network adapters which are unbound.  This seems to be a hole,
>> > although most of the time I assume /proc will always be mounted.
>> > Someone should review this and make a decision as to whether or not
>> > this could be a problem.  At any rate, it does not work as advertised.
>> >
>
> Maybe you could forget about a 20 years old legacy program and use the
> real thing : ip
>
> ip link
> ip addr
> ...
>
> Alternatively, you could rewrite ifconfig to use modern API.
>
> (Not depending on /proc , at all)
>
>
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ