[lcdproc] LCDd Server Patches

David Douthitt n9ubh@callsign.net
Wed, 12 Sep 2001 15:20:39 -0400

wwf@splatwerks.org wrote:
> --- ssrat@mailbag.com wrote ---
> > I made some patches to LCDd.
> >
> > Most significant ones are:
> >
> > * LCDd now uses getopt_long(3)
> > * Refuses to "load" driver named "base"
> > * Help display shows valid available drivers
> > * Text Driver now has a help screen and exits properly when options are
> > given
> > * Better bombproofing
> I'm concerned about the "using loopback for sockets only" thing. I know
> this is a security concern, but I think this is also a fairly drastic
> change; the point of the v0.4 series was to let multiple boxes report
> stats to one LCD.
> What do other folks think?

It is rather drastic, I agree.  I always thought the whole point of LCDd
was to put stats of the current box on an LCD; I can't imagine why one
would want to have network access to a LCD display on a local box...

But anyway - the code is structured such that with the right options it
would be simple to make LCDd (as patched) start and bind to whatever
interfaces are desired.  Since I've hacked in the use of getopt_long(3),
adding this as an option is simple.  Perhaps --address (for specific
addresses) and --all (for all interfaces)?

As for security - if I can get access to your network, I wonder how hard
it would be to compromise a box running LCDd on it... with the loopback
security patch, a box running LCDd cannot be compromised via LCDd over
the network...

To unsubscribe from this list send a blank message to