[OpenWrt-Devel] [PATCH] rpcd: fix respawn settings
Petr Štetiar
ynezz at true.cz
Thu Mar 5 14:41:43 EST 2020
Mar 5, 2020 19:54:49 Michael Jones :
> The flip side here is that rpcd likes to crash a lot.
0 (zero) bugs found https://bugs.openwrt.org/index.php?string=rpcd
> By preventing automatic restarts, you're all but ensuring that users will experience denial-of-service, even in the absence of malicious traffic.
Default respawn retry value was 5, now is infinite and this patch restores it back to 5 respawns.
> Is rpcd subject to fuzz testing, to discover potential security issues
Not yet, it's planed. It's just one of the methods, you'll never be 100% sure anyway.
> that makes limiting the restarts attractive?
"Any remote service which crashes is potentially exploitable; we have to assume so, until we see the specific way it fails." -- Theo, OpenBSD
Recent real-world example from 36c3 in my previous email http://lists.infradead.org/pipermail/openwrt-devel/2020-March/022014.html
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list