On 2012-03-31 22:58:45 +0000, John Nagle said:
Some versions of CentOS 6 seem to have a potential getaddrinfo exploit. SeeTo test, try this from a command line: ping example If it fails, good. If it returns pings from "example.com", bad. The getaddrinfo code is adding ".com" to the domain.
There is insufficient information in your diagnosis to make that conclusion. For example: what network configuration services (DHCP clients and whatnot, along with various desktop-mode configuration tools and services) are running? What kernel and libc versions are you running? What are the contents of /etc/nsswitch.conf? Of /etc/resolv.conf (particularly, the 'search' entries)? What do /etc/hosts, LDAP, NIS+, or other hostname services say about the names you're resolving? Does a freestanding C program that directly calls getaddrinfo and that runs in a known-good loader environment exhibit the same surprises? Name resolution is not so simple that you can conclude "getaddrinfo is misbehaving" from the behaviour of ping, or of your Python sample, alone.
In any case, this seems more appropriate for a Linux or a CentOS newsgroup/mailing list than a Python one. Please do not reply to this post in comp.lang.python.
-o -- http://mail.python.org/mailman/listinfo/python-list
