Permission denied, deleting interface
Paul A Vixie
vixie at mibh.net
Sun Aug 8 15:16:09 UTC 1999
> > yes. bind's initial interface scan and interface bindings are all done
> > before the setuid/setgid. it really should not even bother to rescan the
> > interface table after this, but it still does, and if it sees a new alias
> > or interface it tries to bind to it, and it fails, and it complains.
btw, this fix will appear in BIND 8.2.2 as change #746:
Index: CHANGES
===================================================================
RCS file: /proj/cvs/isc/bind/src/CHANGES,v
retrieving revision 8.359
diff -u -r8.359 CHANGES
--- CHANGES 1999/08/08 14:55:42 8.359
+++ CHANGES 1999/08/08 15:13:20
@@ -1,3 +1,5 @@
+ 746. [bug] don't bother rescanning the interfaces if setuid!=root.
+
745. [protocol] IXFR transmission was just plain wrong in some cases.
744. [support] allow the calling location of strings to be recorded.
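Review bot: entry 746 says "if setuid!=root" but does not state what the operator will observe. From the ns_main.c hunks, once named has switched to a non-root user it returns from getnetconf() without scanning, so interfaces or aliases added after startup are not listened on. Suggest saying that in the entry, for example "don't rescan the interfaces after switching to a non-root user (new interfaces are not picked up)".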
Index: bin/named/ns_main.c
===================================================================
RCS file: /proj/cvs/isc/bind/src/bin/named/ns_main.c,v
retrieving revision 8.102
diff -u -r8.102 ns_main.c
--- bin/named/ns_main.c 1999/08/08 02:27:47 8.102
+++ bin/named/ns_main.c 1999/08/08 15:14:08
@@ -141,6 +141,7 @@
/* list of interfaces */
static LIST(struct _interface) iflist;
static int iflist_initialized = 0;
+static int iflist_dont_rescan = 0;
static const int drbufsize = 32 * 1024, /* UDP rcv buf size */
dsbufsize = 48 * 1024, /* UDP snd buf size */
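Review bot: the new iflist_dont_rescan static has no comment, while the declarations around it do. A short one saying it is set once after a successful setuid to a non-root user and checked in the interface scan would make the coupling between the two distant hunks visible to the next reader.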
@@ -500,6 +501,8 @@
ns_panic(ns_log_security, 1, "setuid(%s): %s",
user_name, strerror(errno));
ns_info(ns_log_security, "user = %s", user_name);
+ if (user_id != 0)
+ iflist_dont_rescan++;
}
#endif /* CAN_CHANGE_ID */
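Review bot: the added "if (user_id != 0)" branch disables rescanning without logging anything. The line above it logs "user = %s" to ns_log_security, so a matching ns_info there stating that interface rescans are disabled would tell the operator why a later alias is ignored. Minor style point on the same lines: the flag is only ever tested for truth, so "iflist_dont_rescan = 1;" reads more clearly than "++" and matches how iflist_initialized is set.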
@@ -1070,6 +1073,14 @@
u_char *mask_ptr;
struct in_addr mask;
+ if (iflist_initialized) {
+ if (iflist_dont_rescan)
+ return;
+ } else {
+ INIT_LIST(iflist);
+ iflist_initialized = 1;
+ }
+
ns_debug(ns_log_default, 1, "getnetconf(generation %lu)",
(u_long)my_generation);
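Review bot: the early "return" taken when iflist_dont_rescan is set sits above the ns_debug "getnetconf(generation %lu)" call, so a skipped rescan leaves no trace even at debug level 1. Suggest an ns_debug line before the return. The nested test could also be flattened to "if (iflist_initialized && iflist_dont_rescan) return;" followed by the existing "if (!iflist_initialized)" block, which keeps the initialization code in its original shape.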
@@ -1081,11 +1092,6 @@
ns_error(ns_log_default, "socket(SOCK_RAW): %s",
strerror(errno));
return;
- }
-
- if (!iflist_initialized) {
- INIT_LIST(iflist);
- iflist_initialized = 1;
}
if (local_addresses != NULL)
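Review bot: removing the INIT_LIST block from below the socket(SOCK_RAW) error return, together with its re-addition at the top of the function in the previous hunk, changes the first-call behaviour: iflist is now initialized even when socket() fails and the function returns early. That ordering looks safer, but it is a second behaviour change that entry 746 in CHANGES does not mention; worth confirming it is intended and noting it.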