From nobody Fri Aug 09 22:00:09 2024 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WgdBL1mRcz5SYKB for ; Fri, 09 Aug 2024 22:00:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WgdBK1fSPz4fZK for ; Fri, 9 Aug 2024 22:00:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723240809; a=rsa-sha256; cv=none; b=rFWrVmItNBDDxxjCA3EUmVVrInMqhLHnpTpqTUVslb7Cj/wlWdPwGKc6f1kODTHpMRE+7C 2U7z16hBy6thbGKBIdmcB281NlG0cLXyY4Ev/gGlZYLZHvdHOuANX82yPCKPWAuHMEHliR F+vmTSsZiamTJb+YdHh5KG58wsFmIcxi89ZOrwRhg8ga23Zh2utIgZEj+FXMpz5A4KPTEE BF6BuDIJ17wyAY0PZRygyE0R0fHgNzWt7W5j2lLSAqQMVyvGuDz42Xc1rXOaUbQqQuFAUq ca2VLGoIDbEOp3wLbH3TZniFTGcTw59RfiuGYi77pNgQDJS4RSaxW5v+Dw775Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723240809; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YfNg9/kQxIKa/5GXYXMfq7NOyeR3PGLIqsncCr9SusE=; b=B2DXZ330myOw/Bgw3dPPoqE+yg/CZqZbnfOmF+3+bQWKHKdUCGfXqjGveGqmP5SeONLrAC huh4TJawXdyxiWNBEiyKcBGW85y4T9oZh6Zzqtkbtllo3uQBANLLfO1o0oBBWU0AHbTjLS 8xssdlJD8glDBpR0qtetV8iVsB/GqhYcS1Dwwmg4IJD9pbKOC6rMNU45X9Pa/BUctPe6mK ivm5dnCVFDu/2LOdjAA17bcKv7/r14RegyXnTm3HELOczcONsefXT/V/PrvwnUmaaBD6nj hJ+uihS6ehi8AM6VAKqcdS7OObyXBj5pBXTS0QD+mKBy1dvoHTBJIwLlTUBKtg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WgdBK18zVzYr1 for ; Fri, 9 Aug 2024 22:00:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 479M09P8037511 for ; Fri, 9 Aug 2024 22:00:09 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 479M09dR037510 for bugs@FreeBSD.org; Fri, 9 Aug 2024 22:00:09 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 280705] 0.0.0.0/32 is equivalent to 127.0.0.1/32, which may be considered a security flaw Date: Fri, 09 Aug 2024 22:00:09 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: ltning-freebsd@anduin.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280705 --- Comment #2 from Eirik Oeverby --- Some rudimentary testing - on my own retro hardware and on copy.sh/v86/ - it seems that many OSes with IP stacks of BSD origin share this trait. Notable exceptions are OpenBSD and Windows 2000, but macOS, NetBSD, Haiku and others all do this. Even OS/2, at least versions 2.11 and 3.0 (both 16 and 32-bit TCP/IP stacks). I can't think of a good reason to keep this now, but I'll leave that decisi= on to people with more experience with obscure use cases. Perhaps hide it behi= nd a compile-time option, default off? --=20 You are receiving this mail because: You are the assignee for the bug.=