[systemd-devel] [SECURITY] systemd: nss_myhostname last in /etc/nsswitch.conf may cause, problems
Mateusz Jończyk
mat.jonczyk at o2.pl
Fri Aug 8 04:24:50 PDT 2014
Hello,
The man page for nss-myhostname:
http://www.freedesktop.org/software/systemd/man/nss-myhostname.html
suggests that myhostname should be used as a last entry in
/etc/nsswitch.conf:
"It is recommended to put myhostname last in the nsswitch.conf line to
make sure that this mapping is only used as fallback, and any DNS or
/etc/hosts based mapping takes precedence."
This may be risky because an attacker that knows the system hostname and
can control DNS query results (by MITM attacks, i.e. after breaking into
a home gateway) is able to redirect requests to the local host to a
machine of his control.
For example if I opened "http://mateusz-ubuntu:631" in a web browser,
and logged in there, an attacker could gain access to my CUPS user pasword.
On the other hand, an attacker that is able to listen to DNS queries can
get knowledge of the local hostname (because it usually does not contain
any dots) and that way identify a person behind a particular IP address
(and/or gain some knowledge of his software / hardware - for example my
hostname is mateusz-ubuntu).
--
Greetings,
Mateusz Jończyk
AEI, Informatyka, Semestr 3 Magisterskich, BDiIS
More information about the systemd-devel
mailing list