Wind River Support Network

HomeDefectsLIN7-427
Fixed

LIN7-427 : CLONE - wrlinux 5.0.1. - rpcbind listening on random ports

Created: Aug 11, 2014    Updated: Mar 4, 2019
Resolved Date: Sep 22, 2014
Previous ID: LIN5-19221
Found In Version: 7.0
Fix Version: 7.0
Severity: Severe
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

the current rpcbind implementation uses a random port.
this could cause security issues in customer's environments.

Steps to Reproduce

configure a project with:

--enable-board=intel_xeon_core --enable-build=production --enable-kernel=cgl --enable-rootfs=glibc_cgl --enable-ccache=no --enable-jobs=9 --enable-parallel-pkgbuilds=9 --enable-reconfig --enable-rm-work=yes --with-sstate-dir=../sstate_cache --with-template=feature/openssl101e, --without-template=wr-cgp/cgp/templates/feature/cgp-full/template.conf,wr-cgp/cgp/templates/feature/cgp-full/image.inc,wr-dpdk/templates/default/template.conf,wr-dpdk/templates/default/image.inc --enable-doc-pages=target --enable-addons=wr-rcfl --with-layer=rcfl --with-rcpl-version=0015

build and start qemu:

Wind River Linux 5.0.1.15 qemu0 console

qemu0 login: root
Password: 
root@qemu0:~# netstat -anp --inet | fgrep rpcbind
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1662/rpcbind    
udp        0      0 0.0.0.0:111             0.0.0.0:*                           1662/rpcbind    
udp        0      0 0.0.0.0:989             0.0.0.0:*                           1662/rpcbind    
root@qemu0:~# /etc/init.d/rpcbind restart
Stopping rpcbind daemon...
done.
Starting rpcbind daemon...done.
root@qemu0:~# netstat -anp --inet | fgrep rpcbind
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      4794/rpcbind    
udp        0      0 0.0.0.0:111             0.0.0.0:*                           4794/rpcbind    
udp        0      0 0.0.0.0:729             0.0.0.0:*                           4794/rpcbind
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube