[OpenWrt-Devel] [PATCH] rpcd: fix respawn settings

Petr Štetiar ynezz at true.cz
Thu Mar 5 14:41:43 EST 2020



Mar 5, 2020 19:54:49 Michael Jones :

> The flip side here is that rpcd likes to crash a lot.

0 (zero) bugs found https://bugs.openwrt.org/index.php?string=rpcd

> By preventing automatic restarts, you're all but ensuring that users will experience denial-of-service, even in the absence of malicious traffic.

Default respawn retry value was 5, now is infinite and this patch restores it back to 5 respawns.

> Is rpcd subject to fuzz testing, to discover potential security issues

Not yet, it's planed. It's just one of the methods, you'll never be 100% sure anyway.

> that makes limiting the restarts attractive?

"Any remote service which crashes is potentially exploitable; we have to assume so, until we see the specific way it fails." -- Theo, OpenBSD

Recent real-world example from 36c3 in my previous email http://lists.infradead.org/pipermail/openwrt-devel/2020-March/022014.html



_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list