This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: [Bill Paul <wpaul@CTR.COLUMBIA.EDU>] Re: easy DoS in most RPC apps


   From: Thorsten Kukuk <kukuk@weber.uni-paderborn.de>
   Date: Tue, 19 May 1998 00:50:16 +0200 (MEST)

   Thomas Bushnell, n/BSG writes:
    > 
    > Am I correct in understanding that the SunRPC bug can only affect TCP
    > services?

   Yes, it only affect TCP services. But the fix doesn't really fix it.
   As I said in my earlier mails, the problem will be only fixed, if the 
   daemon spawns a new thread for each connection. And I'm not the only
   one with this opinion:

Well, that's not really so.  If you are not using the SunRPC stubs
then it's easy to handle.

Just have a structure keeping track of pending packets, read them only
after select.  Then the stuck packets on one connection can't prevent
the server from reading packets happily from the next connection.



Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]