18726 – only_from should use numerical IP address

Bug 18726 - only_from should use numerical IP address

Summary: only_from should use numerical IP address

Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	samba
Sub Component:	(Show other bugs)
Version:	7.0
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Trond Eivind Glomsrxd
QA Contact:	Dale Lovelace
Docs Contact:
URL:
Whiteboard:
Keywords:	Security
Duplicates (1):	22995 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2000-10-09 16:37 UTC by Tim Waugh
Modified:	2007-04-18 16:29 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2000-10-16 17:25:23 UTC
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Tim Waugh 2000-10-09 16:37:05 UTC

/etc/xinetd.d/swat currently has:

	only_from = localhost

This causes xinetd to do a reverse name lookup for each connection on that
service to see if it's canonical name is 'localhost'.  For better security
it should read:

	only_from = 127.0.0.1

Comment 1 Bill Nottingham 2000-10-16 17:01:53 UTC


*** This bug has been marked as a duplicate of 16573 ***

Comment 2 Tim Waugh 2000-10-16 17:09:10 UTC

No, this is something different: it's a security problem (DNS spoofing) rather
than a confused application.

Comment 3 Bill Nottingham 2000-10-16 17:25:20 UTC

It's the same fix, however. :)

Comment 4 Bill Nottingham 2000-10-16 17:33:25 UTC

... and it's fixed in -22.

Comment 5 Bill Nottingham 2001-01-18 23:19:50 UTC

*** Bug 22995 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.