[BUGS] BUG #1191: odd usage of port 512 on localhost

#1

The following bug has been logged online:

Bug reference: 1191
Logged by: John D. Hendrickson

Email address: johndhendrickson22124 (AT) yahoo (DOT) com

PostgreSQL version: 7.4

Operating system: Debian testing

Description: odd usage of port 512 on localhost

Details:

Hi,

Since I've installed postgres on debian-testing I'm getting firewall logs
of:

RELATED PACKET:
SRC=localhost DST=localhost PROTO=ICMP CODE=3,3
PROTO=UDP SPT=1030 DPT=512

My logs show it happens every time postgres postmaster sends mail.

Any clue as to why Postgres would want rexecd on localhost? After all, the
inetd author said NOT to allow anything localhost in hosts.allow since
applications can too easily be insecure that way on many OSes.

Postgres doesn't say anything about using remote execution on the localhost
in the documentation. Is this "feature" in the source code somewhere?

As we see, this is a "RELATED" packet which tries to get through. However,
3,3 (I hope) implies that inetd does block access. NOTE! Just the packet
alone is enough to put a hole in most running statefull firewalls.

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo (AT) postgresql (DOT) org)

#2

"PostgreSQL Bugs List" <pgsql-bugs (AT) postgresql (DOT) org> writes:

Quote:

Since I've installed postgres on debian-testing I'm getting firewall logs
of:

RELATED PACKET:
SRC=localhost DST=localhost PROTO=ICMP CODE=3,3
PROTO=UDP SPT=1030 DPT=512

My logs show it happens every time postgres postmaster sends mail.

Since the postmaster does not send mail, you're going to have to start
by explaining that remark. Are you perhaps using some
non-postgres-supplied code to send mail? If so, are you sure that code
is not to blame?

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

#3

On Mon, Jul 12, 2004 at 09:28:05PM -0300, PostgreSQL Bugs List wrote:

Quote:

Since I've installed postgres on debian-testing I'm getting firewall logs
of:

RELATED PACKET:
SRC=localhost DST=localhost PROTO=ICMP CODE=3,3
PROTO=UDP SPT=1030 DPT=512

My logs show it happens every time postgres postmaster sends mail.

$ grep 512 /etc/services
exec 512/tcp
biff 512/udp comsat
$

You are seeing "biff", or the email-notification service (depricated) at
work. Something in the startup of Postgres sends email, and that is what
causes this.

Nothing to worry about.

Quote:

Any clue as to why Postgres would want rexecd on localhost? After all, the
inetd author said NOT to allow anything localhost in hosts.allow since
applications can too easily be insecure that way on many OSes.

No, not exec, but biff/comsat. (Udp versus Tcp)

--
einari (AT) f-prot (DOT) com

---------------------------(end of broadcast)---------------------------
TIP 8: explain analyze is your friend

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

[BUGS] BUG #1191: odd usage of port 512 on localhost

mailing.database.pgsql-bugs mailing.database.pgsql-bugs

[BUGS] BUG #1191: odd usage of port 512 on localhost - 07-12-2004 , 07:41 PM

Re: [BUGS] BUG #1191: odd usage of port 512 on localhost - 07-12-2004 , 08:11 PM

Re: [BUGS] BUG #1191: odd usage of port 512 on localhost - 07-13-2004 , 04:43 AM