[torquedev] req_getcred() should match connections on client IP, not just port number

Garrick Staples garrick at clusterresources.com
Sun Feb 25 18:08:34 MST 2007


On Mon, Feb 26, 2007 at 12:39:50AM +0100, Sergio Gelato alleged:
> It occurred to me that pbs_server's req_getcred() only looks at the
> client-side port number when looking for the connection to be authenticated
> by AuthenUser. This is not 100% reliable, as different clients may
> happen to use the same port number (on different IP addresses) at the
> same time, resulting in sporadic failures. (There may be security
> implications as well.)

Interesting scenerio.  Have you actually observed the sporadic failures?



More information about the torquedev mailing list