|
|
Boost : |
From: Christopher Kohlhoff (chris_at_[hidden])
Date: 2005-10-04 16:35:31
Hi Dick,
--- BRIDGES Dick <Dick.Bridges_at_[hidden]> wrote:
> No. SO_REUSEADDR does increase the attack surface. Not a lot and
> less
> now than in the past but IMHO there's no point in helping the bad
> guys
> even a little bit if it's not required. Besides, I doubt all that
> many
> people would find it useful. My mumbling was aimed more toward
> myself
> than anything else - I have written a fair amount of "server" code
> and
> should have developed better habits by now. ;)
I just checked my copy of Unix Network Programming Vol. 1 and it does
recommend always setting the SO_REUSEADDR option (even though it notes
the security issue).
> Hmmm. The copy of the library I downloaded on 14 September doesn't
> have socket_acceptor::reuse_address and linux.softpedia.com says the
> last update was 5 September. I used stream_socket::reuse_address
> instead and that worked. Is there a newer version of the library
> somewhere else?
There's the version I'm working on in sourceforge CVS, which is what I
had based my answer on, sorry.
> I would like to see this initialization code pushed back down into
> the acceptor. Maybe something along the lines of an "option_policy",
> but I can't come up with anything to suggest that isn't more trouble
> than it's worth.
Yeah, these sort of options might somehow be associated with the
protocol, since I can see different protocols (e.g. UNIX domain
sockets, Bluetooth RFCOMM, etc) needing different defaults. I might
leave this until asio gets more use in other types of socket to see
what can be made reusable.
Cheers,
Chris
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk