SUID comments, review

author: Christian Grothoff <christian@grothoff.org> 2010-02-06 23:23:14 +0000
committer: Christian Grothoff <christian@grothoff.org> 2010-02-06 23:23:14 +0000
commit: 8721bed1d8c889b98020870d5453e6648355b3bd (patch)
tree: 98dedbc4d9b19186a83bf9b6ea3f97cce5cb4d43 /src/transport/gnunet-nat-server.c
parent: 94229794b52dd866fe7d27ffbed20da18934087d (diff)
download: gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.tar.gz
gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.zip
1 files changed, 15 insertions, 0 deletions
diff --git a/src/transport/gnunet-nat-server.c b/src/transport/gnunet-nat-server.c
index 225c0af5f..333c0d642 100644
--- a/src/transport/gnunet-nat-server.c
+++ b/src/transport/gnunet-nat-server.c
@@ -23,6 +23,21 @@
 * @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)
 *        This code will work under GNU/Linux only (or maybe BSDs, but never W32)
 * @author Christian Grothoff
+ *
+ * This program will send ONE ICMP message every 500 ms RAW sockets
+ * to a DUMMY IP address and also listens for ICMP replies.  Since
+ * it uses RAW sockets, it must be installed SUID or run as 'root'.
+ * In order to keep the security risk of the resulting SUID binary
+ * minimal, the program ONLY opens the two RAW sockets with root
+ * priviledges, then drops them and only then starts to process
+ * command line arguments.  The code also does not link against
+ * any shared libraries (except libc) and is strictly minimal
+ * (except for checking for errors).  The following list of people
+ * have reviewed this code and considered it safe since the last
+ * modification (if you reviewed it, please have your name added
+ * to the list):
+ *
+ * - Christian Grothoff
 */
 #define _GNU_SOURCE
 #include <sys/types.h>
author	Christian Grothoff <christian@grothoff.org>	2010-02-06 23:23:14 +0000
committer	Christian Grothoff <christian@grothoff.org>	2010-02-06 23:23:14 +0000
commit	8721bed1d8c889b98020870d5453e6648355b3bd (patch)
tree	98dedbc4d9b19186a83bf9b6ea3f97cce5cb4d43 /src/transport/gnunet-nat-server.c
parent	94229794b52dd866fe7d27ffbed20da18934087d (diff)
download	gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.tar.gz gnunet-8721bed1d8c889b98020870d5453e6648355b3bd.zip

diff --git a/src/transport/gnunet-nat-server.c b/src/transport/gnunet-nat-server.c index 225c0af5f..333c0d642 100644 --- a/src/transport/gnunet-nat-server.c +++ b/src/transport/gnunet-nat-server.c
@@ -23,6 +23,21 @@
23	* @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)	23	* @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)
24	* This code will work under GNU/Linux only (or maybe BSDs, but never W32)	24	* This code will work under GNU/Linux only (or maybe BSDs, but never W32)
25	* @author Christian Grothoff	25	* @author Christian Grothoff
		26	*
		27	* This program will send ONE ICMP message every 500 ms RAW sockets
		28	* to a DUMMY IP address and also listens for ICMP replies. Since
		29	* it uses RAW sockets, it must be installed SUID or run as 'root'.
		30	* In order to keep the security risk of the resulting SUID binary
		31	* minimal, the program ONLY opens the two RAW sockets with root
		32	* priviledges, then drops them and only then starts to process
		33	* command line arguments. The code also does not link against
		34	* any shared libraries (except libc) and is strictly minimal
		35	* (except for checking for errors). The following list of people
		36	* have reviewed this code and considered it safe since the last
		37	* modification (if you reviewed it, please have your name added
		38	* to the list):
		39	*
		40	* - Christian Grothoff
26	*/	41	*/
27	#define _GNU_SOURCE	42	#define _GNU_SOURCE
28	#include <sys/types.h>	43	#include <sys/types.h>