Wind River Support Network

HomeDefectsLIN7-3348
Fixed

LIN7-3348 : CLONE - rpm actions try to connect to outside source

Created: Apr 1, 2015    Updated: Sep 8, 2018
Resolved Date: Jun 3, 2015
Found In Version: 7.0
Fix Version: 7.0.0.7
Severity: Severe
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

The rpm tool (on the target) is trying to connect to remote servers by default. This is a potential security risk and may cause delays when the target tries to connect.

Steps to Reproduce

$ configure --enable-board=intel-x86-64 --enable-rootfs=glibc_std --enable-kernel=standard
$ make fs
$ make start-target

Log in then:

# strace -e connect rpm -Va 2>&1 | head -50
connect(8, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(8, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(8, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(8, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(8, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("37.252.190.133")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("46.4.212.178")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("79.140.41.143")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("108.61.171.112")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("176.9.51.79")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("178.32.122.65")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("193.17.17.6")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("198.82.169.69")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("24.172.63.194")}, 16) = 0
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET, sin_port=htons(11371), sin_addr=inet_addr("37.59.144.15")}, 16) = 0
connect(8, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "2a01:4f8:161:4283::141", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "2a01:4f8:d13:528d::2", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "2a01:7e00::f03c:91ff:fe69:8da9", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "2a03:b0c0:1:d0::fc:e001", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "2001:6f8:124e::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "2001:718:1e03:801::17", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)
connect(8, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(8, {sa_family=AF_INET6, sin6_port=htons(11371), inet_pton(AF_INET6, "2001:1868:2003::12", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)

Lots of IPv4 and IPv6 connection attempts are seen.

Other Downloads


Live chat
Online