[OpenSER-Devel] [ openser-Bugs-1891148 ] No protection of open socket files against removing

SourceForge.net noreply at sourceforge.net
Tue Feb 12 12:06:15 CET 2008


Bugs item #1891148, was opened at 2008-02-11 15:58
Message generated for change (Comment added) made by bogdan_iancu
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1891148&group_id=139143

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: None
Status: Open
>Resolution: Invalid
Priority: 5
Private: No
Submitted By: Helmut Kuper (hekuper)
Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: No protection of open socket files against removing

Initial Comment:
Hi,

I found that starting a 2nd openser with same config as an already
running openser on same machine using module mi_datagram leads to a deletion of the
socket file of the already running openser process.

This is very bad when u use openser as a frontend for sems for example.  :( 

If this is a bug, maybe the check, whether there is
an already running openser using same network resources, should be placed *befor* starting modules. 
Alternative modules should be able to handle those problematic scenarios ...

My mi_datagram config is this:

loadmodule "mi_datagram.so"
modparam("mi_datagram", "socket_name", "/tmp/openser_ansagen_sock")
modparam("mi_datagram", "children_count", 1)
modparam("mi_datagram", "unix_socket_mode", 0660)
modparam("mi_datagram", "unix_socket_group", "voip")
modparam("mi_datagram", "unix_socket_user", "ruth")
modparam("mi_datagram", "socket_timeout", 2000)

regards
Helmut

----------------------------------------------------------------------

>Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-02-12 13:06

Message:
Logged In: YES 
user_id=1275325
Originator: NO

Hi Helmut,

This is the normal/expected bahviour of the module - to avoid any security
problems (using a fake or malicious already existing unixsocket) openser
removes it first (if exists) and then creates its own with proper
permissions and security restrictions.

So, it is not a bug :).

Regards,
Bogdan

----------------------------------------------------------------------

Comment By: Helmut Kuper (hekuper)
Date: 2008-02-11 16:53

Message:
Logged In: YES 
user_id=1851349
Originator: YES

Hi Bogdan,

yes I use same socket file name for both opensers, cause both are using
same config file.

Befor we misunderstand: I don't want to run 2 opensers with same config on
same machine!! I rather strumbled about that bug/problem, when I accidently
started same openser without openserctl twice 

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-02-11 16:45

Message:
Logged In: YES 
user_id=1275325
Originator: NO

Hi Helmut,

so you use the same socket_name for both openser's ??

Regards,
Bogdan

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1891148&group_id=139143



More information about the Devel mailing list