geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Modifications to resolve issues found during self-code review.

Browse Source
This commit is contained in:
Juan Carlos Luciani
2006-12-08 05:45:03 +00:00
parent 9a0426279c
commit 8ade751650
34 changed files with 524 additions and 268 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
CASA-auth-token/server/AuthTokenValidate/Svc/README
View File

@@ -76,6 +76,12 @@ create its listeing socket to keep other services from hijacking it and taking o
the validation of CASA authentication sockets. CasaAuthtokenValidateD creates its
listen socket in the /var/lib/CASA/authtoken/validate/ folder.
The SuSE rpm package for this component only allows processes executing as casaatvd
to setup a listener on the /var/lib/CASA/authtoken/validate/ folder but it allows any
process to connect to it. This setup may allow a rogue process to easily launch a
denial of service attack on CasaAuthtokenValidateD. If this is not acceptable then
change the rigths on the folder to only allow selected users to connect to it.