Bug 296501

Summary: Broken Somalia DNS servers break amd!
Product: Red Hat Enterprise Linux 4
Reporter: Chuck Berg <cberg>
Component: am-utils
Assignee: Karel Zak <kzak>
Status: CLOSED WONTFIX
QA Contact: qe-baseos-daemons
Severity: low
Priority: low
Version: 4.4
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2012-06-20 13:27:32 UTC

Description Chuck Berg 2007-09-19 16:01:27 UTC
On a bunch of machines at the same time, amd started hanging.

I traced the problem to a . in someone's LD_LIBRARY_PATH: they would run ps
while in /net, and attempting to look up /net/libproc-3.2.7.so would break amd.

It takes a very long time for DNS lookups in .so to (fail to) resolve today; I
assume this is what triggered the bug.

Although I fixed the . in the LD_LIBRARY_PATH, anyone can break amd in the
future by just accessing /net/anything.so (or any other slow-to-fail DNS record).

Look how slow DNS is to fail for .so:

# time ping -c1 libproc-3.2.7.so
ping: unknown host libproc-3.2.7.so

real    0m19.891s
user    0m0.000s
sys     0m0.004s

Comment 1 Chuck Berg 2007-09-19 18:39:35 UTC
Easy way to reproduce - in one session:
while :; do date; df -k >& /dev/null; sleep 1; done

In another:
while :; do ls -l /net/bogus-$RANDOM.so; done

I verified it still happens with am-utils 6.1.5.

This is actually a security issue, as it is a trivial denial-of-service that can
be performed by any user.
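
A resolver-latency check for the condition this report describes, added here as an example and not part of the original bug or of am-utils: it times how long each name takes to fail to resolve and flags failures slower than a budget. The names RESOLVE, BUDGET, lookup_seconds, classify and audit are assumptions of this sketch, and `getent hosts` is assumed to be available.

```shell
#!/bin/sh
# Added example: measure how long the system resolver takes to give up on a name.
# Usage: sh this-script NAME...   (exit status is non-zero if any name is a slow failure)
# RESOLVE and BUDGET are names chosen for this sketch, not am-utils settings.
RESOLVE=${RESOLVE:-"getent hosts"}   # assumption: glibc getent is installed
BUDGET=${BUDGET:-5}                  # seconds a failed lookup may take (constructed value)

# lookup_seconds NAME: print elapsed whole seconds; return 0 if resolved, 1 if not.
lookup_seconds() {
    start=$(date +%s)
    if $RESOLVE "$1" >/dev/null 2>&1; then rc=0; else rc=1; fi
    end=$(date +%s)
    echo $((end - start))
    return "$rc"
}

# classify NAME: print "<verdict> <seconds>s <name>", where verdict is
# resolved, fast-fail (failed within BUDGET) or slow-fail (failed at or past BUDGET).
classify() {
    if secs=$(lookup_seconds "$1"); then
        verdict=resolved
    elif [ "$secs" -ge "$BUDGET" ]; then
        verdict=slow-fail
    else
        verdict=fast-fail
    fi
    echo "$verdict ${secs}s $1"
}

# audit NAME...: classify every name; succeed only if none failed slowly.
audit() {
    slow=0
    for name in "$@"; do
        line=$(classify "$name")
        echo "$line"
        case $line in slow-fail*) slow=$((slow + 1)) ;; esac
    done
    [ "$slow" -eq 0 ]
}

# Run only when names are given on the command line.
[ "$#" -eq 0 ] || audit "$@"
```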

Comment 2 Jiri Pallich 2012-06-20 13:27:32 UTC
Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. The release for which you requested us to review is now End of Life.
Please see https://access.redhat.com/support/policy/updates/errata/

If you would like Red Hat to re-consider your feature request for an active release, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.