Bug#105476: marked as done (proc and auth not robust)

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug#105476: marked as done (proc and auth not robust)

From:	Debian Bug Tracking System
Subject:	Bug#105476: marked as done (proc and auth not robust)
Date:	Sat, 18 Aug 2001 14:18:39 -0500

Your message dated Sat, 18 Aug 2001 21:18:18 +0200
with message-id <20010818211818.S640@212.23.136.22>
and subject line closing
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Darren Benham
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 16 Jul 2001 11:18:39 +0000
>From Marcus.Brinkmann@ruhr-uni-bochum.de Mon Jul 16 06:18:39 2001
Return-path: <Marcus.Brinkmann@ruhr-uni-bochum.de>
Received: from (localhost) [::ffff:212.23.136.22] 
        by master.debian.org with esmtp (Exim 3.12 1 (Debian))
        id 15M6Oc-0000pc-00; Mon, 16 Jul 2001 06:18:39 -0500
Received: from marcus by localhost with local (Exim 3.22 #1 (Debian))
        id 15M6OW-000073-00
        for <submit@bugs.debian.org>; Mon, 16 Jul 2001 13:18:32 +0200
Date: Mon, 16 Jul 2001 13:18:32 +0200
From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
To: submit@bugs.debian.org
Subject: proc and auth not robust
Message-ID: <20010716131832.A411@212.23.136.22>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.18i
Sender: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
Delivered-To: submit@bugs.debian.org

Package: hurd

Hi,

proc and auth both have an easy exploitable defect.  I noticed it when
reading proc_reauthenticate, which calls auth_server_authenticate within the
global lock.  This makes proc to block until the caller goes ahead and calls
auth_user_authenticate.  But if he never does, proc will be locked up.

There are two bugs here, in my opinion.  First, I think that proc should
just loose the global lock while calling auth_server_authenticate (XXX have
to check if this introduces any races).  This will occupy the current
thread, though, and we must be careful not to make it wait for all eternity
(see below). Alternatively, proc could make use of asynchronous communication
(eg call auth_server_authentication_request and return MIG_NO_REPLY, then send 
the
real answer later in S_auth_server_authenticate_reply).  Either will prevent
proc from being stuck.

The other issue is that even if we do this, both auth and proc will sit on
memory and threads if the user destroys the rendezvous port.  I think that
auth should request a dead name notification for the rendezvous port, and on
getting such a notification, go ahead and signal the associated condition.
The sleepers should check if the rendezvous port was destroyed and return with
an appropriate error message.  This prevents the auth server and the server
with a pending authentification from leaking any resources.

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de

---------------------------------------
Received: (at 105476-done) by bugs.debian.org; 18 Aug 2001 19:18:37 +0000
>From Marcus.Brinkmann@ruhr-uni-bochum.de Sat Aug 18 14:18:37 2001
Return-path: <Marcus.Brinkmann@ruhr-uni-bochum.de>
Received: from porta.u64.de [194.77.88.106] 
        by master.debian.org with esmtp (Exim 3.12 1 (Debian))
        id 15YBcC-0007MU-00; Sat, 18 Aug 2001 14:18:37 -0500
Received: from (localhost) [212.23.136.22] (mail)
        by porta.u64.de with asmtp (Exim 3.12 #1 (Debian))
        id 15YCB9-0006Xr-00; Sat, 18 Aug 2001 21:54:44 +0200
Received: from marcus by localhost with local (Exim 3.32 #1 (Debian))
        id 15YBbx-00055g-00; Sat, 18 Aug 2001 21:18:21 +0200
Date: Sat, 18 Aug 2001 21:18:18 +0200
From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
To: 105476-done@bugs.debian.org, 39894-done@bugs.debian.org
Subject: closing
Message-ID: <20010818211818.S640@212.23.136.22>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.20i
Sender: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
Delivered-To: 105476-done@bugs.debian.org

I am the maintainer, and close the reports.

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de

[Prev in Thread]

Current Thread

[Next in Thread]

Bug#105476: marked as done (proc and auth not robust), Debian Bug Tracking System <=

Prev by Date: Re: Getting rid of serverboot
Next by Date: Bug#39894: marked as done (hurd: swapon can't swap to a file)
Previous by thread: ACTIVADORES BIOL�GICOS PARA ELIMINAR OLORES. �PUBLICIDAD!
Next by thread: Bug#39894: marked as done (hurd: swapon can't swap to a file)
Index(es):
- Date
- Thread