Subject: pkg/24103: MozillaFirebird executes netstat(1) with file descriptor 0 closed
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <itojun@itojun.org>
List: netbsd-bugs
Date: 01/15/2004 14:10:51
>Number: 24103
>Category: pkg
>Synopsis: MozillaFirebird executes netstat(1) with file descriptor 0 closed
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Jan 15 05:12:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator: Jun-ichiro itojun Hagino
>Release: NetBSD 1.6ZH
>Organization:
itojun.org
>Environment:
System: NetBSD starfruit.itojun.org 1.6ZH NetBSD 1.6ZH (STARFRUIT) #544: Wed Jan 14 15:08:38 JST 2004 itojun@starfruit.itojun.org:/home/itojun/NetBSD/src/sys/arch/i386/compile/STARFRUIT i386
Architecture: i386
Machine: i386
>Description:
MoziillaFirebird invokes netstat(1) with file descriptor 0 closed.
>How-To-Repeat:
dmesg output has something like below.
Jan 15 09:43:25 starfruit /netbsd: set{u,g}id pid 10045 (netstat) was invoked by uid 1001 ppid 9877 (MozillaFirebird-) with fd 0 closed
>Fix:
1. open /dev/null to fill file descriptor 0.
2. i guess the reason to invoke netstat(1) is to get random number.
it is better to teach MozillaFirebird to use /dev/urandom.
>Release-Note:
>Audit-Trail:
>Unformatted: