Prevent a DoS by making the local interface non-blocking
This prevents a DoS from the local interface, which could be performed by any user on the system running babeld. A malicious attacker could connect to the local interface, and then wait without reading any data. When the send buffer eventually fills up, babeld would block; as a result, it would become completely inoperative. Note that 'local_server_socket' is already non-blocking, but the sockets spawned by accept() don't inherit this flag. From accept(2): On Linux, the new socket returned by accept() does not inherit file status flags such as O_NONBLOCK and O_ASYNC from the listening socket.
Showing
Please register or sign in to comment