/usr/share/doc/dictd/security.doc is in dictd 1.12.0+dfsg-4build1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | This is a brief note on security aspects of the DICT server:
* Searches that return the whole index
Description:
Some searches, such as "MATCH * re ." will return the whole
database index, and this index must be buffered by the server. Each
server instance can therefore be using 4-5MB for a typical
installation. This can result in significant resource utilization
on the server machine, swapping, and possible DoS.
Solutions:
* limit connections
* limit amount of data returned
* limit simultaneous outstanding searches (e.g., "increment a lock
(eg, create a link to a file) every time you start searching for
a definition, and decrement it (eg unlink) when the results have
been looked up, if the number (eg link count) exceeds n, sleep a
while before looking it up.")
* Denial of service by idling clients
Description:
An adversary can connect to the server multiple times (until the
server limit is reached) and thereby deny other clients access to
the server.
Solutions:
* limit connections based on IP or mask
* Enhance access control, like hosts_access(5) in TCP Wrappers.
* NIS/YP
* IP/mask
* "paranoid" checks for reverse DNS
* Buffer overflow
* Robustify logging routines (e.g., daemon_log and use of strlen)
|