Bug 154243 - ksmserver listens on all interfaces per default
Summary: ksmserver listens on all interfaces per default
Status: RESOLVED FIXED
Alias: None
Product: ksmserver
Classification: Plasma
Component: general
Version: unspecified
Platform: Compiled Sources Linux
: NOR normal
Target Milestone: ---
Assignee: Lubos Lunak
 
Reported: 2007-12-17 18:58 UTC by Martin Ammermüller
Modified: 2008-05-02 14:19 UTC

Description Martin Ammermüller 2007-12-17 18:58:05 UTC
Version:            (using KDE Devel)
Installed from:    Compiled sources
OS:                Linux

Output of netstat -tulpen:
-----------
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
tcp        0      0 0.0.0.0:53062           0.0.0.0:*               LISTEN      1000       55894       22975/ksmserver
tcp6       0      0 :::58727                :::*                    LISTEN      1000       55893       22975/ksmserver
------------

I think this is a dangerous default setting and a security threat. A sensible default setting should be to only listen on loopback/127.0.0.1.
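
An added example, not part of the original report or of KDE's code: a small Python check that parses `netstat -tulpen` output like the listing above and reports listeners bound to anything other than loopback. The two ksmserver lines are taken from the report; the cupsd lines are constructed for contrast.

```python
import ipaddress

# Constructed sample: the two ksmserver lines are from the report above;
# the cupsd lines are made up to show loopback-only listeners for contrast.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
tcp        0      0 0.0.0.0:53062           0.0.0.0:*               LISTEN      1000       55894       22975/ksmserver
tcp6       0      0 :::58727                :::*                    LISTEN      1000       55893       22975/ksmserver
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      0          12001       801/cupsd
tcp6       0      0 ::1:631                 :::*                    LISTEN      0          12002       801/cupsd
"""


def classify(local):
    """Split 'host:port' at the last colon and classify the bind address."""
    host, _, port = local.rpartition(":")
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:          # 0.0.0.0 or ::
        scope = "all-interfaces"
    elif addr.is_loopback:           # 127.0.0.0/8 or ::1
        scope = "loopback"
    else:
        scope = "specific-address"
    return scope, int(port)


def exposed_listeners(netstat_text):
    """Return (program, proto, port, scope) for sockets not bound to loopback."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or not fields[0].startswith(("tcp", "udp")):
            continue                 # header, separator or blank line
        if fields[0].startswith("tcp") and "LISTEN" not in fields:
            continue                 # only listening TCP sockets matter here
        try:
            scope, port = classify(fields[3])
        except ValueError:
            continue                 # unparseable address column
        if scope != "loopback":
            # Last column is PID/Program, or "-" when netstat lacks privileges.
            program = fields[-1].partition("/")[2] or "unknown"
            findings.append((program, fields[0], port, scope))
    return findings


if __name__ == "__main__":
    for program, proto, port, scope in exposed_listeners(SAMPLE):
        print(f"{program}: {proto} port {port} bound to {scope}")
```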
Comment 1 Martin Ammermüller 2008-03-13 11:08:30 UTC
Still the case with 4.0.2.
Comment 2 Lubos Lunak 2008-03-18 16:36:05 UTC
The ICE protocol uses authorization, so how exactly is this supposed to be a security threat?
Comment 3 Lubos Lunak 2008-05-02 14:19:22 UTC
SVN commit 803253 by lunakl:

Add a missing configure check for _IceTransNoListen.
BUG: 154243

 M  +2 -0      CMakeLists.txt

WebSVN link: http://websvn.kde.org/?view=rev&revision=803253