Gregor Riepl authored · 96771ccc
    The listener is opened on INADDR_ANY, so it will accept any network
    connection, no matter if it is originating locally or from the outside
    of the host. There is no check in place to discard non-local
    connections. The only security against a malicious attack would be
    provided by a local firewall, which is not guaranteed to be installed on
    every workstation kicad is used on.
    
    I tested this, and a host running eeschema accepts connections on TCP
    port 4243 from other hosts on the internet.
    
    A patch to remedy this potentially serious security hole is attached. It
    creates the listener on localhost instead. A flag is provided to allow
    the creation of sockets on 0.0.0.0 instead, if required. localhost is
    the default.
Name
3d-viewer
CMakeModules
Documentation
bitmap2component
bitmaps_png
common
cvpcb
demos
eeschema
gerbview
helpers/tools_to_build_newstroke-font
include
kicad
new
packaging
pcb_calculator
pcbnew
polygon
potrace
resources
scripting
scripts
template
tools
.bzrignore
AUTHORS.txt
CHANGELOG.txt
CMakeLists.txt
COPYRIGHT.txt
CTestConfig.cmake
Doxyfile
HOW_TO_CONTRIBUTE.txt
INSTALL.txt
README.txt
TODO.txt
copyright.h
license_for_documentation.txt
notes_about_pcbnew_new_file_format.odt
uncrustify.cfg
version.txt