Bug 33420 - Canna listens to the world
Canna listens to the world
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: Canna (Show other bugs)
6.2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Jens Petersen
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-03-27 11:54 EST by Matthew Kirkwood
Modified: 2007-04-18 12:32 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-08-01 22:29:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
backport of Fmake_network_process to Emacs 21.2 from cvs (51.91 KB, patch)
2002-08-01 06:58 EDT, Jens Petersen
no flags Details | Diff

  None (edit)
Description Matthew Kirkwood 2001-03-27 11:54:09 EST
A couple of security whines about Canna.  First, I am working on the
assumption that because of the terrible quality of its code, there will be
easy pickings for anyone wanting to break it.  This being the case:

 * Could it bind itself to loopback by default?  Would this break anything
vital?
 * Could the installer or RPM post-install script start it only if the
default language chosen is a relevant one?  (Is this only Japanese?)  I
need various Japanese fonts, etc., but have no need for the input stuff.
Comment 1 Nakai 2001-03-30 03:10:01 EST
http://hanzubon.org/tmp/Canna_unix_domain_socket_only.diff

Ishikawa has made a patch to improve this.

-inet option opens the world listen socket.
Comment 2 Jens Petersen 2001-08-17 07:07:29 EDT
In Canna-3.5b2-45 the above patch has been applied, making the default
behaviour of cannaserver to not open an IP socket, but only listen on
its unix domain socket for client-connections.


(Conditioning the starting of the server based on locale is not really
practical or convenient IMHO.)
Comment 3 Nakai 2001-08-30 11:17:51 EDT
Reopen.

Set -inet option to cannaserver by default and allow the connection from
localhost with /etc/hosts.canna.
because it fixes the critical bug for Japanese input with tamago/emacs.

Tamago/emacs should support unix domain socket connection to cannaserver
in the future.
Comment 4 Jens Petersen 2002-07-17 05:44:20 EDT
I finally got round to looking at this.
From inspecting cvs, it seems the next release of emacs
will support unix domain sockets.  I don't know
when it will be released though...
Anyway with that it shouldn't be hard to add support for
unix domain sockets to tamago.  I'll will at the code to
see how hard it might be to do a backport to Emacs 21.2,
but from the changelog there have been some major changes
in this area.
Comment 5 Jens Petersen 2002-07-18 03:42:42 EDT
Not only is the code for the new make-network-connection significantly
different to the current open-network-connection, also I realised that
it is not obvious how to get the open-network-connection arguments to
work cleanly for the unix (local) socket case.  So it seems to me best to fix
tamago after Emacs with the make-network-connection code which supports unix
sockets is released.
Comment 6 Jens Petersen 2002-08-01 06:58:00 EDT
Created attachment 68185 [details]
backport of Fmake_network_process to Emacs 21.2 from cvs
Comment 7 Jens Petersen 2002-08-01 07:01:53 EDT
The above patch backports make-network-process from cvs to 21.2.
However I haven't finished checking that the code really supports
unix domain sockets yet in either cvs or 21.2 with my patch.

Assuming it works, teg, what do you think about adding this to our
emacs-21.2?  It only adds a new function, so it shouldn't break anything.
Comment 8 Trond Eivind Glomsrxd 2002-08-01 10:18:48 EDT
Which CVS branch was this? It can probably go in, though.
Comment 9 Jens Petersen 2002-08-01 22:28:56 EDT
It is from MAIN.  The main work was committed on

2002-03-17  Kim F. Storm  <storm@cua.dk>

	The following changes add support for network server processes,
	datagram connections, and local (unix) sockets.

	:

[the patch doesn't include the datagram connections code].

Ok, let me test and polish the patch further if necessary and I'll get
back to you.
Comment 10 Jens Petersen 2002-08-08 07:02:53 EDT
According to my tests of cvs emacs's unix socket code, it still has some
"issues" at this point (eg it sometimes segfaults on `list-processes').
(No response yet from the author.)

Anyway Canna-3.5b2-70 obsoletes tamago, and only listens on a unix domain
socket by default.

Note You need to log in before you can comment on or make changes to this bug.