
Bug 215532

Summary: Security handbook: secure_redirects problem
Product: [OLD] Docs on www.gentoo.org
Reporter: Donnie Berkholz (RETIRED) <dberkholz>
Component: Other documents
Assignee: Sven Vermeulen (RETIRED) <swift>
Status: RESOLVED FIXED
Severity: normal
CC: docs-team
Priority: High
Version: unspecified
Hardware: All
OS: Linux

Description Donnie Berkholz (RETIRED) gentoo-dev 2008-03-31 08:10:07 UTC
I've received a report from a user about an error in the security handbook. The details are below:

> >  On page:
> >
> >  <http://www.gentoo.org/doc/en/security/security-handbook.xml?full=1>
> >
> >  it is suggested to set secure_redirects to 0:
> >
> >  # /bin/echo "0" > /proc/sys/net/ipv4/conf/all/secure_redirects
> >
> >  Both IBM and Oskar Andreasson (FrozenTux) disagree:
> >
> >  IBM's Linux Performance and Tuning Guidelines:
> >
> >  These commands configure the server to ignore redirects from 
> >  machines that are listed as gateways. Redirects can be used to 
> >  perform attacks, so we only want to allow them from trusted 
> >  sources:
> >     sysctl -w net.ipv4.conf.eth0.secure_redirects=1
> >
> >  <www.redbooks.ibm.com/redpapers/pdfs/redp3862.pdf>
> >
> >  Andreasson:
> >
> >  3.5.11. secure_redirects
> >
> >  This variable turns on secure redirects. If it is turned off, the 
> >  Linux kernel will accept ICMP redirects from any host, anywhere. 
> >  However, if it is turned on, ICMP redirects will only be accepted 
> >  from gateways listed in the default gateway list. This way we can 
> >  get rid of most illegal redirects that can be used to log your 
> >  traffic and grab sensitive data, such as passwords etcetera.
> >
> >  The secure_redirects variable takes a boolean value and is by 
> >  default turned on. It may be either turned on or turned off. Note 
> >  that this variable is overridden by the shared_media variable, so 
> >  to turn this one on, you must turn on shared_media as well.
> >
> >  sysctl -w net.ipv4.conf.lo.secure_redirects=1
> >
> >  <ipsysctl-tutorial.frozentux.net/chunkyhtml/theconfvariables.html>
> >
> >  These seem to me like fairly reliable sources and their 
> >  explanations make sense.
> >
> >  What do you say?
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2008-04-05 10:53:11 UTC
Agreed, but in the line before we already disable redirects altogether, so I think it is better to remove secure_redirects, or mention it separately.
Comment 2 Sven Vermeulen (RETIRED) gentoo-dev 2008-04-16 19:46:52 UTC
secure_redirects stuff removed (well, this is a one-liner ;-)

Thanks for reporting.
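The sysctl behaviour argued over in this bug, as an added example that is not code from the handbook or from anyone in the thread: a POSIX shell script that applies the kernel's documented rules for combining conf/all and per-interface values (Documentation/networking/ip-sysctl.txt), reports whether an incoming ICMP redirect would be rejected, restricted to known default gateways, or accepted unrestricted, and prints a hardened sysctl.conf fragment that makes the secure_redirects question moot, as Comment 1 notes. It shows two caveats the quoted sources do not spell out: on a host (forwarding off) the all/ and interface values are ORed, so disabling accept_redirects only in conf/all does not stop an interface that still has it enabled, and secure_redirects=1 is overridden for as long as shared_media (on by default) is set. The interface name eth0, the sample values, and the secure_redirects/shared_media lines in the hardened fragment are this example's assumptions.

```shell
#!/bin/sh
# Added example, not code from the Gentoo handbook or from this bug report.
# Models how the kernel combines conf/all/* with conf/<iface>/* for the
# ICMP-redirect sysctls, per Documentation/networking/ip-sysctl.txt:
#   accept_redirects  AND of all/iface when forwarding is on (router),
#                     OR  of all/iface when forwarding is off (host)
#   secure_redirects  OR of all/iface; overridden by shared_media
#   shared_media      OR of all/iface
# The interface name and the sample values below are made up for the demo.

or_conf()  { if [ "$1" -eq 1 ] || [ "$2" -eq 1 ]; then echo 1; else echo 0; fi; }
and_conf() { if [ "$1" -eq 1 ] && [ "$2" -eq 1 ]; then echo 1; else echo 0; fi; }

# redirect_policy FWD ALL_ACCEPT IF_ACCEPT ALL_SECURE IF_SECURE ALL_SHARED IF_SHARED
# Prints what an ICMP redirect arriving on the interface can do:
#   rejected       accept_redirects is effectively off, redirect is dropped
#   known-gateway  accepted only if the new gateway is already a default gateway
#   unrestricted   accepted without that check (secure_redirects off, or
#                  overridden because shared_media is on)
redirect_policy() {
    if [ "$1" -eq 1 ]; then acc=$(and_conf "$2" "$3"); else acc=$(or_conf "$2" "$3"); fi
    sec=$(or_conf "$4" "$5")
    shr=$(or_conf "$6" "$7")
    if [ "$acc" -eq 0 ]; then
        echo rejected
    elif [ "$shr" -eq 1 ] || [ "$sec" -eq 0 ]; then
        echo unrestricted
    else
        echo known-gateway
    fi
}

# audit_iface IFACE: the same evaluation against the running kernel's values,
# or "unavailable" where /proc/sys is not readable (containers, non-Linux).
audit_iface() {
    p=/proc/sys/net/ipv4/conf
    if ! [ -r "$p/all/accept_redirects" ] || ! [ -r "$p/$1/accept_redirects" ]; then
        echo unavailable; return 0
    fi
    redirect_policy "$(cat "$p/$1/forwarding")" \
        "$(cat "$p/all/accept_redirects")" "$(cat "$p/$1/accept_redirects")" \
        "$(cat "$p/all/secure_redirects")" "$(cat "$p/$1/secure_redirects")" \
        "$(cat "$p/all/shared_media")"     "$(cat "$p/$1/shared_media")"
}

# hardened_sysctl: sysctl.conf lines for a host that should never honour a
# redirect. accept_redirects=0 is what the handbook keeps; the secure_redirects
# and shared_media lines are this example's belt-and-braces addition so the
# gateway check is in force should redirects ever be switched back on.
hardened_sysctl() {
    cat <<'EOF'
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.default.secure_redirects = 1
net.ipv4.conf.all.shared_media = 0
net.ipv4.conf.default.shared_media = 0
EOF
}

# Demo with constructed values (host, forwarding off):
#  - setting only conf/all/accept_redirects=0 leaves an interface that still
#    has accept_redirects=1 accepting, because on a host the values are ORed;
#  - secure_redirects=1 does nothing while shared_media is 1 (the default).
echo "all=0 if=1 accept, shared on:  $(redirect_policy 0 0 1 1 1 1 1)"   # unrestricted
echo "all=0 if=1 accept, shared off: $(redirect_policy 0 0 1 1 1 0 0)"   # known-gateway
echo "all=0 if=0 accept:             $(redirect_policy 0 0 0 0 0 1 1)"   # rejected
echo "live eth0:                     $(audit_iface eth0)"
hardened_sysctl
```

Run it as a normal user to see the evaluation of the constructed cases and, on a Linux box with an eth0, the live verdict for that interface; the hardened fragment can be appended to /etc/sysctl.conf and applied with sysctl -p. Note that conf/default only affects interfaces created afterwards, so on an already-running host you also want the per-interface accept_redirects set to 0, or the OR rule keeps the existing interfaces accepting.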