I was wondering how secure you would rate KTorrent for a simple home desktop operating system. I really love ktorrrent and would like to continue using it, however recently i was hacked, performed a full system re-install and am trying to be careful about what programs I put back on my machine. Any information/documentation that can be supplied regarding ktorrent and security would be of great help in reliveing my concerns. Thanks.

Slash-kun

Well, as far as I know, nobody ever found a security vulnerability in KTorrent. But, that doesn't mean there aren't any, though I would be surprised if somebody found one.

One possible avenue of attack would be a buffer overflow in the network code, but that code is very strict in checking what it receives. And if you start sending wrong packet lengths, KT will just drop the connection.

Understood, and this would be my only area of concern as this is not a multi-user machine. I notice there are 2 ports that ktorrent listens on, why 2? Most clients I've used make use of 1 port or 1 port for each torrent running. What is the purpose of KTorrent's second port?

Many distributions, including Fedora Core, Redhat Enterprise, Ubuntu Edgy Eft (coming out next month), and others employ GCC's SSP (Stack Smashing Protection) technology, which should make buffer overflows pretty hard to carry out.


If you really are concerned about security, how about running KTorrent under its own user account? That way even if someone does break in, he only has the permissions to access whatever the torrent user is allowed to access.

slash-kun wrote:Understood, and this would be my only area of concern as this is not a multi-user machine. I notice there are 2 ports that ktorrent listens on, why 2? Most clients I've used make use of 1 port or 1 port for each torrent running. What is the purpose of KTorrent's second port?

KT can potentially use 3 ports :
- One for accepting new bittorrent connections
- One for UDP trackers (UDP tracker protocol uses less bandwith then the HTTP one)
- One for DHT

UDP trackers are very rare, so this is not used much.

All clients supporting DHT will use 2 ports.

Many distributions, including Fedora Core, Redhat Enterprise, Ubuntu Edgy Eft (coming out next month), and others employ GCC's SSP (Stack Smashing Protection) technology, which should make buffer overflows pretty hard to carry out.


If you really are concerned about security, how about running KTorrent under its own user account? That way even if someone does break in, he only has the permissions to access whatever the torrent user is allowed to access.

Jdong:
Thanks for your response and insight. I was unaware of SSP technology, or simply forgot about it would be more appropriate. This does relieve a lot of concerns, however I will still follow your recommendation for running it under a different user account. I do have a question about that. Is this as simple as:
chown ktorrentuser.ktorrentuser ktorrent;
chmod ug+s ktorrent;
Then giving any directory ktorrent needs to read/write to/from proper permissions for ktorrentuser?

Additionally, would there be any potential problems with running ktorrent in a `chroot` environment? I do not have any experience with this, but it is something that has occurred to me. Thanks for your previous response and hopefully any future correspondance.

KT can potentially use 3 ports :
- One for accepting new bittorrent connections
- One for UDP trackers (UDP tracker protocol uses less bandwith then the HTTP one)
- One for DHT

UDP trackers are very rare, so this is not used much.

All clients supporting DHT will use 2 ports.

George:
Thanks again for your response. Is there a way to disable the udp tracker if not used? Not really an issue, I can simply firewall the port or not forward it. That is quite a nice feature however. Is it part of the BT specification? I'm surprised more trackers aren't using this yet.

Regards,

slash-kun

I realize maybe some of the questions I asked previously may have gone outside the topic of ktorrent itself. Let me rephrase. Would it be possible to run ktorrent in a chroot environment without any problems?

slash-kun wrote:I realize maybe some of the questions I asked previously may have gone outside the topic of ktorrent itself. Let me rephrase. Would it be possible to run ktorrent in a chroot environment without any problems?

I don't know, never tried this, I guess it should be OK, as long as you have access to an X server and you have a home directory within the chrooted environment, so KT can store it's files.

I'm running ktorrent as a different user, in order to do this, I had to xhost +localhost. To start ktorrent up, I open a terminal and "su -l ktorrentuser; ktorrent", it starts up fine, runs fine, everything works as it should, however I occassionally see these messages logged to that terminal screen:

Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified

My concern is that there is somehow a vulnerability in ktorrent that might possibly allow a remote individual to view my xsession. Where are these messages coming from? Ktorrent should no longer be trying to create new connections to the xserver, and if it was, since it's running on localhost it wouldn't be denied. Am I right? I hope this is as much of a concern to the ktorrent development team as it is to me. Additionally, if I am wrong in my assumptions can someone point me in the direction as to where these messages are coming from? Or as to how I can find out where these messages or illegitimate xserver connections are coming from? Am I misunderstanding some functionality here somewhere?

slash-kun wrote:I'm running ktorrent as a different user, in order to do this, I had to xhost +localhost. To start ktorrent up, I open a terminal and "su -l ktorrentuser; ktorrent", it starts up fine, runs fine, everything works as it should, however I occassionally see these messages logged to that terminal screen:

Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified

My concern is that there is somehow a vulnerability in ktorrent that might possibly allow a remote individual to view my xsession. Where are these messages coming from? Ktorrent should no longer be trying to create new connections to the xserver, and if it was, since it's running on localhost it wouldn't be denied. Am I right? I hope this is as much of a concern to the ktorrent development team as it is to me. Additionally, if I am wrong in my assumptions can someone point me in the direction as to where these messages are coming from? Or as to how I can find out where these messages or illegitimate xserver connections are coming from? Am I misunderstanding some functionality here somewhere?

Don't know, the X stuff is handled by Qt. This could be KIO::Job's, they are separate processes and they can create dialogs (progress dialogs mostly). But they run locally.

If this is somebody trying to access your X server from somewhere else, you should be able to see this if you run ethereal.