[Bug 1457] X11 Forwarding doesn't work anymore on a solaris 10 host where ipv6 has not been enabled
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sun Apr 6 08:38:14 EST 2008
https://bugzilla.mindrot.org/show_bug.cgi?id=1457
--- Comment #2 from Yann Rouillard <yann at pleiades.fr.eu.org> 2008-04-06 08:38:11 ---
Yes it's what I'm wondering and I am trying to see how other os behave.
BTW, while reading the getaddrinfo manpage, I found the following
option:
If the AI_ADDRCONFIG flag is specified, IPv4 addresses are returned
only if an IPv4 address is configured on the local system, and IPv6
addresses are returned only if an IPv6 address is configured on the
local system. For this case, the loopback address is not considered to
be as valid as a configured address. For example, when using the DNS, a
query for AAAA records should occur only if the node has at least one
IPv6 address configured (other than IPv6 loopback) and a query for A
records should occur only if the node has at least one IPv4 address
configured (other than the IPv4 loopback).
that could have been interesting.
However as an ipv6 loopback is not considered a valid interface, that
would still allow an attacker to hijack a X11 session in the case only
the loopback is ipv6 enabled and an application first try to talk to
the X11 forwarded port via tcp6.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list