add a comment on about how tracing is secured, but still keep it disabled.
This commit is contained in:
parent
59fd2f8be8
commit
d1c10b4cd1
|
@ -1,4 +1,4 @@
|
||||||
/* $NetBSD: input.c,v 1.25 1999/02/23 10:47:40 christos Exp $ */
|
/* $NetBSD: input.c,v 1.26 2000/03/02 20:58:55 christos Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 1983, 1988, 1993
|
* Copyright (c) 1983, 1988, 1993
|
||||||
|
@ -37,7 +37,7 @@
|
||||||
static char sccsid[] __attribute__((unused)) = "@(#)input.c 8.1 (Berkeley) 6/5/93";
|
static char sccsid[] __attribute__((unused)) = "@(#)input.c 8.1 (Berkeley) 6/5/93";
|
||||||
#elif defined(__NetBSD__)
|
#elif defined(__NetBSD__)
|
||||||
#include <sys/cdefs.h>
|
#include <sys/cdefs.h>
|
||||||
__RCSID("$NetBSD: input.c,v 1.25 1999/02/23 10:47:40 christos Exp $");
|
__RCSID("$NetBSD: input.c,v 1.26 2000/03/02 20:58:55 christos Exp $");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include "defs.h"
|
#include "defs.h"
|
||||||
|
@ -445,7 +445,13 @@ input(struct sockaddr_in *from, /* received from this IP address */
|
||||||
|
|
||||||
case RIPCMD_TRACEON:
|
case RIPCMD_TRACEON:
|
||||||
case RIPCMD_TRACEOFF:
|
case RIPCMD_TRACEOFF:
|
||||||
/* verify message came from a privileged port */
|
/* Notice that trace messages are turned off for all possible
|
||||||
|
* abuse if _PATH_TRACE is undefined in pathnames.h.
|
||||||
|
* Notice also that because of the way the trace file is
|
||||||
|
* handled in trace.c, no abuse is plausible even if
|
||||||
|
* _PATH_TRACE_ is defined.
|
||||||
|
*
|
||||||
|
* First verify message came from a privileged port. */
|
||||||
if (ntohs(from->sin_port) > IPPORT_RESERVED) {
|
if (ntohs(from->sin_port) > IPPORT_RESERVED) {
|
||||||
msglog("trace command from untrusted port on %s",
|
msglog("trace command from untrusted port on %s",
|
||||||
naddr_ntoa(FROM_NADDR));
|
naddr_ntoa(FROM_NADDR));
|
||||||
|
|
Loading…
Reference in New Issue