This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/5010] New: sunrpc service cleanup causes unwanted port mapper traffic
- From: "ian at iay dot org dot uk" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 8 Sep 2007 12:33:32 -0000
- Subject: [Bug libc/5010] New: sunrpc service cleanup causes unwanted port mapper traffic
- Reply-to: sourceware-bugzilla at sourceware dot org
The svc_register function may be called with a final (protocol) parameter of 0 to suppress registration
of the service with the local port mapper.
However, the svc_unregister function always calls the port mapper to unregister the service, even if it
was not originally called during service registration.
This means that even if you didn't want your service registered with the port mapper, the library will
attempt to bind a privileged UDP port on your behalf when the service is unregistered. Note that you
can't avoid this by simply not calling svc_unregister, because the __rpc_thread_svc_cleanup function will
always call svc_unregister on your behalf on thread wind-down.
The main effect of this is seen in an SELinux environment, where an application that only makes internal
use of the RPC calls nevertheless appears to require the ability to bind privileged ports. This may lead
to people blindly granting such privileges to applications that don't really require them, which is
obviously a bad thing from a security perspective.
--
Summary: sunrpc service cleanup causes unwanted port mapper
traffic
Product: glibc
Version: 2.4
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: ian at iay dot org dot uk
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=5010
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.