mzkqt at 0pointer.de
Tue Apr 19 07:50:37 PDT 2011
On Tue, 19.04.11 10:01, Ludwig Nussel (ludwig.nussel at suse.de) wrote:
> Lennart Poettering wrote:
> > just wanted to mention that systemd git now has a tiny daemon "hostnamed"
> > which is started on demand via dbus, and whose purpose is exactly three
> > things: provide a PK authenticated way for UI tools to change the
> > hostname, for sending out change signals when the hostname changes and
> Shouldn't the kernel itself already emit events if the hostname
> changes? So actually all sethostname() calls are detected?
The kernel currently doesn't do notification on hostname changes. But
Lucas De Marchi wants to look into that. This would improve things and I
definitely will make use of that in hostnamed. However, it doesn't
really make hostnamed unnecessary (you still want PK, want the ability
to reset the transient hostname, and want the icon name/pretty name).
> Also, beware of CVE-2011-0997.
The SetHostname() call on the dbus interface actually refuses hostnames
with chars outside of 0-9a-zA-Z, "." and "-". We also refuse hostnames with a
length > HOST_NAME_MAX. And the empty string is handled specially,
i.e. as "reset" to the static hostname.
People can still set a hostname like "....----...." of course, and we'd
accept that. It's kinda broken if you do of course, but I see no
vulnerability arising from that.
Lennart Poettering - Red Hat, Inc.
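
The checks described in the message above, as an added example that is not part of the original post and is not systemd's own code: a C allow-list validator that treats the empty string as "reset", rejects names longer than HOST_NAME_MAX or containing any character outside 0-9a-zA-Z, "." and "-", and still accepts "....----....". The names `classify_hostname`, `hostname_char_ok` and the enum are hypothetical, and the sample inputs are constructed.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

#ifndef HOST_NAME_MAX
#define HOST_NAME_MAX 64 /* Linux value, used only if <limits.h> lacks it */
#endif

/* Hypothetical names for this example; not taken from the systemd source. */
enum hostname_action { HOSTNAME_REJECT, HOSTNAME_RESET, HOSTNAME_SET };

/* Allow-list from the message: 0-9, a-z, A-Z, '.' and '-'. Explicit ranges
 * are used instead of isalnum() so the result never depends on the locale. */
static bool hostname_char_ok(char c) {
    return (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') ||
           (c >= 'A' && c <= 'Z') || c == '.' || c == '-';
}

/* Decide what a SetHostname()-style request should do with `name`. */
enum hostname_action classify_hostname(const char *name) {
    size_t len = 0;

    if (name == NULL)
        return HOSTNAME_REJECT;
    if (name[0] == '\0')
        return HOSTNAME_RESET;          /* empty string: back to static name */

    for (const char *p = name; *p != '\0'; p++) {
        if (!hostname_char_ok(*p))
            return HOSTNAME_REJECT;     /* spaces, ';', '$', non-ASCII bytes */
        if (++len > HOST_NAME_MAX)
            return HOSTNAME_REJECT;     /* stop scanning once over the limit */
    }
    return HOSTNAME_SET;
}

int main(void) {
    /* Constructed sample inputs. */
    const char *samples[] = { "build-01.example.org", "", "....----....",
                              "host;x", "host name", "h\xc3\xb6st" };
    const char *labels[] = { "reject", "reset", "set" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("\"%s\" -> %s\n", samples[i], labels[classify_hostname(samples[i])]);
    return 0;
}
```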