Guardian object not guarding itself?
Tom Simes
rwhois at netexpress.com
Fri Jan 12 18:07:20 EST 2007
Hello all,
I'm running the FreeBSD port of rwhoisd-1.5.9.6 and I've configured a
guardian object to protect a particular field. The guardian object
works as expected on single queries, but when I connect and do an -xfer,
the server dumps out the raw guardian object at then end of the query.
In other words, the object is protecting the information it is supposed
to, but it's not protecting itself (and yes, the attribute Guard-Info
has is-private: TRUE in my guardian.tmpl). According to RFC 2167:
A guardian object that does not have any
Guardian attribute linking it to other guardians guards itself. That
is, the authentication scheme in the guardian object itself must be
satisfied to modify, delete, or possibly view it.
But it doesn't appear to be working that way for some reason. This is
not a new installation, I initially started populating records in 2004
and the guardian object dump is the only problem I'm having - the data
indexes without error and single queries are fine.
Has anyone else seen this behavior? If you have guardian objects
defined, you might want to check that they are not being exposed in
xfers... Fortunately I have -holdconnect and -xfer limited by the TCP
wrapper mechanism, but I sure would like to get this fixed.
TIA for any insight you might have.
BTW, I'm about 90% sure this wasn't broken when I did the initial
install in 2004. I've gone so far as to pull data from old backups to
diff and re-index in hopes of finding some typo but nothing obvious has
popped out so far. Next step may be to test with an older version of
RWHOIS.
Tom
More information about the Rwhois
mailing list