EXTERNAL: OSError: [Errno 48] Address already in use
Marko Rauhamaa
marko at pacujo.net
Fri Jun 29 01:30:02 EDT 2018
Dan Stromberg <drsalists at gmail.com>:
> [on how SO_REUSEADDR is a security risk]
> Start an echo server process P that listens on tcp/5555.
>
> Initiate a connection from a client machine to process P at tcp/5555. It
> works as expected.
>
> Kill P.
>
> Initiate a connection from a client machine to process P at tcp/5555. It
> gives a connection refused as expected.
>
> If someone else comes along soon after and starts a different echo server
> process Q at tcp/5555 on the same server, it starts up immediately if P
> used SO_REUSEADDR.
>
> Then initiate a connection from the same (or different) client machine to
> process P (which no longer exists). Q gets the data intended for P.
Well, the same security issue can be demonstrated without SO_REUSEADDR:
DON'T start an echo server process P that listens on tcp/5555.
Initiate a connection from a client machine to process P at tcp/5555. It
gives a connection refused as expected.
If someone else comes along and starts an echo server process Q at
tcp/5555 on the same server, it starts up immediately.
Then initiate a connection from the same (or different) client machine to
process P (which never existed). Q gets the data intended for P.
The security issue can be real but is not directly related with
SO_REUSEADDR.
Marko
More information about the Python-list
mailing list