This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Security impact of nscd and NSS module bugs (particularly NIS)
- From: Roland McGrath <roland at hack dot frob dot com>
- To: Siddhesh Poyarekar <siddhesh at redhat dot com>
- Cc: Florian Weimer <fweimer at redhat dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Thu, 3 Jul 2014 12:30:30 -0700 (PDT)
- Subject: Re: Security impact of nscd and NSS module bugs (particularly NIS)
- Authentication-results: sourceware.org; auth=none
- References: <53B54CEE dot 6040505 at redhat dot com> <20140703160829 dot GW20796 at spoyarek dot pnq dot redhat dot com>
> nscd crashes would only mean degraded service. Depending on the
> service it is caching, the degradation may range from insignificant to
> quite serious.
That's the first-order effect. It also means that individual applications
start loading NSS modules directly when they weren't before. Combined with
NSS module bugs, that could expose otehr security-relevant bugs that were
masked while nscd was running. It's also the case that one thing people
might be using nscd for is to separate the NSS configuration (and
configuration of individual modules, e.g. resolv.conf) temporally from the
life cycle of long-running processes. So nscd going down could cause a
long-running program to start getting the configuration in place at time T1
and then stick with that through time T2 when the configuration is changed
and nscd -i run, though the administrator (or automaton) expects that the
T2 change applies to long-running programs' queries made after T2. How any
of that does or doesn't become security-relevant depends on many details of
the deployment.