Write-Only Socket

Hello together,

I am trying to write a little tcp-server which creates a write only
socket and test it with a little client.
The code I have tried so far is below and it works as expected in the
form I posted it.

The question is:
Why do I have to shutdown(0) $session _and_ $socket on the server?
I had expected that the client would not be able to write to his $socket
if only $session on the server was shutdown(0)

--- server code ---
#!/usr/bin/perl

use warnings;
use strict;

use IO::Socket;

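# Listening socket; stop here if the port cannot be bound.
my $socket = IO::Socket::INET->new(
    Listen      => 1,
    LocalPort   => 1025,
    Proto       => 'tcp',
    Reuse       => 1) or die "Cannot listen on port 1025: $!\n";

# Connected socket for the first client that connects.
my $session = $socket->accept or die "accept failed: $!\n";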

$socket->shutdown(0) or die;  ### Question is here !
$session->shutdown(0) or die; ### Question is here !

while(1) {
    print $session "I don't read!\n";
    my $read = $session->getline or die "I can not read\n: $!\n";
    print $read;
    sleep 1;
}
--- --- ---

--- client code ---
#!/usr/bin/perl

use warnings;
use strict;

use IO::Socket;

my $socket = IO::Socket::INET->new(
    PeerHost    => 'localhost',
    PeerPort    => 1025,
    Proto       => 'tcp') or die "Keine Verbindung\n";

my $line;
while (my $line = $socket->getline) {
    print $line;
    print $socket "I try to write\n" or die "I can not write: $!\n";
}
--- --- ---

-- 
perl -e 'print 7.74.117.115.116.11.32.13.97.110.111.116.104.101.114.11
.32.13.112.101.114.108.11.32.13.104.97.99.107.101.114.10.7'
0
Martin
2/21/2005 10:46:34 PM
comp.lang.perl.misc

Martin Kissner <news@chaos-net.de> wrote in 
news:slrnd1kp6a.1hp.news@maki.homeunix.net:

> Hello together,
> 
> I am trying to write a little tcp-server which creates a write only
> socket and test it with a little client.

I am very puzzled. 

....

> The question is:
> Why do I have to shutdown(0) $session _and_ $socket on the server?

I must be missing something very obvious. The way I see it, a socket is 
write only if you never read from it. There must be a reason you are doing 
this.

Sinan
0
A
2/21/2005 11:11:18 PM
A. Sinan Unur wrote :
> Martin Kissner <news@chaos-net.de> wrote in 
> news:slrnd1kp6a.1hp.news@maki.homeunix.net:
>
>> Hello together,
>> 
>> I am trying to write a little tcp-server which creates a write only
>> socket and test it with a little client.
>
> I am very puzzled. 
>
> ...
>
>> The question is:
>> Why do I have to shutdown(0) $session _and_ $socket on the server?
>
> I must be missing something very obvious. The way I see it, a socket is 
> write only if you never read from it. There must be a reason you are doing 
> this.

The reason is that I wanted to know if it can be done.

[OT]
The reason why I want to know is that I have noticed that the syslogd on
my computer (system: Mac OS X) opens a UDP port whereas 'man syslogd'
says:

| Syslogd opens an Internet domain socket as specified in /etc/services.
| Normally syslogd will only use this socket to send messages
| outwards, but in `insecure'' mode it will also read messages from this
| socket.

I see no reason for opening this socket as long as there is no central
syslog server on the network, but the socket gets opened in any case so
on first sight this seems to me to be an unnecessary security hole.

If the socket is r/w the service might be potentially exploitable on the
application layer although the server is not supposed to read from the
socket.
If the socket is write only, I assume that data sent to the opened port
will not be passed to the server process but blocked on the transport
layer by the OS.
(It would be my next question whether this is true, but I am pretty sure
it is.)
[/OT]

After I had executed my little experiment, I found the behaviour which I
didn't understand.
That was my reason for asking (after I had consulted the documentation
of course).

Best Regards
Martin

-- 
perl -e 'print 7.74.117.115.116.11.32.13.97.110.111.116.104.101.114.11
.32.13.112.101.114.108.11.32.13.104.97.99.107.101.114.10.7'
0
Martin
2/22/2005 12:15:52 AM
Martin Kissner <news@chaos-net.de> wrote:
> Hello together,
>
> I am trying to write a little tcp-server which creates a write only
> socket and test it with a little client.
> The code I have tried so far is below and it works as expected in the
> form I posted it.
>
> The question is:
> Why do I have to shutdown(0) $session _and_ $socket on the server?

As far as I can tell, you don't.  I get the same behavior whether $socket
is shutdown or not.

> I had expected that the client would not be able to write to his $socket
> if only $session on the server was shutdown(0)

I don't see that happening regardless of what you shutdown.  It looks to me
like the client is prohibited from writing to the socket only because
server exits.  shutdown(0) does not seem to be enforced on the other
end of the socket.

Perl 5.8.0 on Linux.

Xho

-- 
-------------------- http://NewsReader.Com/ --------------------
Usenet Newsgroup Service                        $9.95/Month 30GB
0
xhoster
2/22/2005 7:01:03 PM
Martin Kissner wrote:
> 
> The reason is that I wanted to know if it can be done.
> 
> [OT]
> The reason why I want to know is that I have noticed that the syslogd on
> my computer (system: Mac OS X) opens a UDP port whereas 'man syslogd'
> says:
> 
> | Syslogd opens an Internet domain socket as specified in /etc/services.
> | Normally syslogd will only use this socket to send messages
> | outwards, but in `insecure'' mode it will also read messages from this
> | socket.

    I see no inconsistency in this at all.  In insecure mode it will read 
messages.  So in secure mode it won't.  That doesn't mean the socket is 
open write-only, it just means that the daemon never attempts to read 
anything from the socket (and being UDP they'll get discarded if an input 
queue forms as a result).

> If the socket is r/w the service might be potentially exploitable on the
> application layer although the server is not supposed to read from the
> socket.

    If it isn't going to read() (or readfrom()) then I'm not sure how you 
think you (or anyone else) could persuade it to do so.


-- 
              Just because I've written it doesn't mean that
                   either you or I have to believe it.
0
Big
2/22/2005 11:32:31 PM
Big and Blue wrote :
> Martin Kissner wrote:
>
>> If the socket is r/w the service might be potentially exploitable on the
>> application layer although the server is not supposed to read from the
>> socket.
>
>     If it isn't going to read() (or readfrom()) then I'm not sure how you 
> think you (or anyone else) could persuade it to do so.
>
This is true, but in that case you have to trust that the implementation
is flawless and there are no side effects possible at all.

Security problems can arise because the developer or the user of a
software did not think about possibilities to "persuade" software to do
things it was not supposed to do.

In my opinion it would be better to not open a socket as long as it is
not needed at all.
If it is needed only for sending it would be a good thing to disallow
receives on the lowest possible level (the transport layer).
AFAIK at this point this is possible only for TCP connections, but I am
still learning.

Best Regards
Martin

-- 
perl -e '$|=1;&p(7.74.117.115.116.32);&s();&p(97.110.111);&p(116.104.101
.114);&s;&p(32.112.101.114.108);&s();&p(32.104.97.99.107.101.114.10);sub
 s{sleep 1};sub p(){print "@_"}'
0
Martin
2/23/2005 12:33:32 PM
xhoster@gmail.com wrote :
> Martin Kissner <news@chaos-net.de> wrote:
>> The question is:
>> Why do I have to shutdown(0) $session _and_ $socket on the server?
>
> As far as I can tell, you don't.  I get the same behavior whether $socket
> is shutdown or not.

Yes, now I get the same result. I can't reproduce the behaviour I had
last time when I tried.

>> I had expected that the client would not be able to write to his $socket
>> if only $session on the server was shutdown(0)
>
> I don't see that happening regardless of what you shutdown.  It looks to me
> like the client is prohibited from writing to the socket only because
> server exits.  shutdown(0) does not seem to be enforced on the other
> end of the socket.

Yes, that seems to be true.
I changed my server script so it will not die but warn if 'getline'
fails. Now I get another unexpected result. The server starts reading
from the socket after one loop (Code and output below).
Can anyone explain this?
How could I permanently close the socket for reading?


Here is the new code of the server:
----
#!/usr/bin/perl
use warnings;
use strict;
use IO::Socket;

my $socket = IO::Socket::INET->new(
    Listen      => 1,
    LocalPort   => 1025,
    Proto       => 'tcp',
    Reuse       => 1);

my $session = $socket->accept;
$session->shutdown(0) or die;

while(1) {
    my $read = $session->getline or warn "I can not read: $!\n";
    print $read;
    sleep 1;
}
-----


Here is the output after I had started the client (with comments)
--- start output ---
		# first loop
I can not read: 
Use of uninitialized value in print at ./server.pl line 22.
		# second loop
Client tries to write
Client tries to write
Client tries to write
Client tries to write
		# Here I killed the client
I can not read: 
Use of uninitialized value in print at ./server.pl line 22, <GEN1> line 4.
I can not read: 
Use of uninitialized value in print at ./server.pl line 22, <GEN1> line 4.
		# Here I killed the server
^C
--- end output ---


Here is the client code (if anybody wants to try it him/herself)
--- client code ---
#!/usr/bin/perl

use warnings;
use strict;

use IO::Socket;

my $socket = IO::Socket::INET->new(
    PeerHost    => 'localhost',
    PeerPort    => 1025,
    Proto       => 'tcp') or die "Connection failed: $!\n";

while (1) {
    print "Client is printing to socket\n" if print $socket "Client tries to write\n";
    sleep 1;
}
--- end ---

-- 
perl -e '$|=1;&p(7.74.117.115.116.32);&s();&p(97.110.111);&p(116.104.101
.114);&s;&p(32.112.101.114.108);&s();&p(32.104.97.99.107.101.114.10);sub
 s{sleep 1};sub p(){print "@_"}'
0
Martin
2/23/2005 2:06:28 PM
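
Added example (not part of any post in this thread): a single-process Perl probe for the two observations above, whether shutdown(0) on the server side stops the client from writing, and what the server's reads return before and after the client sends. It prints what the local OS does instead of assuming a result; the loopback address, the OS-chosen port and the `try_read` helper are choices made for this example.

```perl
#!/usr/bin/perl
use warnings;
use strict;
use IO::Socket::INET;
use IO::Select;

# Both ends live in one process; port 0 lets the OS pick a free loopback port.
my $listener = IO::Socket::INET->new(
    Listen => 1, LocalAddr => '127.0.0.1', LocalPort => 0, Proto => 'tcp',
) or die "listen failed: $!\n";
my $client = IO::Socket::INET->new(
    PeerAddr => '127.0.0.1', PeerPort => $listener->sockport, Proto => 'tcp',
) or die "connect failed: $!\n";
my $session = $listener->accept or die "accept failed: $!\n";

# Hypothetical helper: report one read attempt, waiting at most one second.
sub try_read {
    my ($who, $sock) = @_;
    unless (IO::Select->new($sock)->can_read(1)) {
        print "$who: nothing readable within 1s\n";
        return;
    }
    my $buf = '';
    my $n = $sock->sysread($buf, 1024);
    if    (!defined $n) { print "$who: read error: $!\n" }
    elsif ($n == 0)     { print "$who: read returned EOF\n" }
    else                { chomp $buf; print "$who: read $n bytes: '$buf'\n" }
}

# Close only the server's receive direction, as in the posted server.
$session->shutdown(0) or die "shutdown(0) failed: $!\n";

# Read before the client has sent anything (the "first loop" in the post).
try_read('server', $session);

# Is shutdown(0) enforced on the peer? Try writing from the client.
my $sent = $client->syswrite("Client tries to write\n");
print defined $sent ? "client: wrote $sent bytes\n"
                    : "client: write failed: $!\n";

# Read again now that data has been sent (the "second loop").
try_read('server', $session);

# The send direction of $session is not closed by shutdown(0).
$session->syswrite("I don't read!\n") or die "server write failed: $!\n";
try_read('client', $client);
```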