A couple of security whines about Canna. First, I am working on the assumption that because of the terrible quality of its code, there will be easy pickings for anyone wanting to break it. This being the case:
* Could it bind itself to loopback by default? Would this break anything vital?
* Could the installer or RPM post-install script start it only if the default language chosen is a relevant one? (Is this only Japanese?) I need various Japanese fonts, etc., but have no need for the input stuff.
http://hanzubon.org/tmp/Canna_unix_domain_socket_only.diff
Ishikawa has made a patch to improve this. The -inet option opens the world listen socket.
In Canna-3.5b2-45 the above patch has been applied, so that by default cannaserver does not open an IP socket, but only listens on its unix domain socket for client connections. (Conditioning the starting of the server based on locale is not really practical or convenient IMHO.)
Reopen. Set the -inet option to cannaserver by default and allow the connection from localhost with /etc/hosts.canna, because it fixes the critical bug for Japanese input with tamago/emacs. Tamago/emacs should support unix domain socket connection to cannaserver in the future.
I finally got round to looking at this. From inspecting cvs, it seems the next release of emacs will support unix domain sockets. I don't know when it will be released though... Anyway with that it shouldn't be hard to add support for unix domain sockets to tamago. I'll look at the code to see how hard it might be to do a backport to Emacs 21.2, but from the changelog there have been some major changes in this area.
Not only is the code for the new make-network-connection significantly different to the current open-network-connection, but I also realised that it is not obvious how to get the open-network-connection arguments to work cleanly for the unix (local) socket case. So it seems to me best to fix tamago after Emacs with the make-network-connection code which supports unix sockets is released.
Created attachment 68185: backport of Fmake_network_process to Emacs 21.2 from cvs
The above patch backports make-network-process from cvs to 21.2. However I haven't finished checking that the code really supports unix domain sockets yet in either cvs or 21.2 with my patch. Assuming it works, teg, what do you think about adding this to our emacs-21.2? It only adds a new function, so it shouldn't break anything.
Which CVS branch was this? It can probably go in, though.
It is from MAIN. The main work was committed on
    2002-03-17 Kim F. Storm <storm>
    The following changes add support for network server processes, datagram connections, and local (unix) sockets.
    :
[the patch doesn't include the datagram connections code]. Ok, let me test and polish the patch further if necessary and I'll get back to you.
According to my tests of cvs emacs's unix socket code, it still has some "issues" at this point (e.g. it sometimes segfaults on `list-processes'). (No response yet from the author.) Anyway Canna-3.5b2-70 obsoletes tamago, and only listens on a unix domain socket by default.
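A check for which of the exposures discussed in this report (world listen socket, loopback only, no IP socket at all) a host actually has, as an added example that is not part of the original report or of Canna. It parses text in the Linux /proc/net/tcp format; the port number 5680 is an assumption (Canna's registered TCP port), and the sample tables are constructed.

```python
import ipaddress

CANNA_PORT = 5680   # assumption: Canna's registered TCP port; adjust for your build
TCP_LISTEN = "0A"   # state code for LISTEN in /proc/net/tcp

def listen_addresses(proc_net_tcp, port=CANNA_PORT):
    """Return the IPv4 addresses on which some process listens on `port`."""
    found = []
    for line in proc_net_tcp.splitlines()[1:]:      # first line is the column header
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue
        hex_addr, hex_port = fields[1].split(":")
        if int(hex_port, 16) != port:
            continue
        # The kernel prints the address in host byte order; little-endian assumed here.
        found.append(ipaddress.IPv4Address(bytes.fromhex(hex_addr)[::-1]))
    return found

def exposure(proc_net_tcp, port=CANNA_PORT):
    """Classify the listener as 'no-inet-socket', 'loopback-only' or 'network'."""
    addrs = listen_addresses(proc_net_tcp, port)
    if not addrs:
        return "no-inet-socket"     # consistent with unix-domain-socket-only operation
    if all(a.is_loopback for a in addrs):
        return "loopback-only"
    return "network"                # wildcard or an interface address

HEADER = "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
ROW = "   0: {}:{} 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1\n"
# Constructed sample tables (not captured from a real host).
SAMPLE_INET = HEADER + ROW.format("00000000", "1630")       # 0.0.0.0:5680
SAMPLE_LOOPBACK = HEADER + ROW.format("0100007F", "1630")   # 127.0.0.1:5680
SAMPLE_UNIX_ONLY = HEADER + ROW.format("00000000", "0016")  # only port 22 listening

if __name__ == "__main__":
    for name, table in [("-inet", SAMPLE_INET), ("loopback", SAMPLE_LOOPBACK),
                        ("unix only", SAMPLE_UNIX_ONLY)]:
        print(name, "->", exposure(table))
    try:
        with open("/proc/net/tcp") as f:            # live check on a Linux host
            print("this host ->", exposure(f.read()))
    except OSError:
        pass
```

A server started with -inet and restricted through /etc/hosts.canna still classifies as "network" here, because the listening socket itself is bound to all interfaces. IPv6 listeners (/proc/net/tcp6) are not covered.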