Date: Sat, 16 Nov 2002 20:53:24 -0700 From: "David G. Andersen" <danderse@cs.utah.edu> To: security@freebsd.org Subject: Portmap localhost bind bug - commit fix? Message-ID: <20021116205324.B4590@cs.utah.edu>
next in thread | raw e-mail | index | archive | help
Would someone be willing to take a look at PR 30235,
and perhaps commit its patch, or the equivalent functionality?
At present, it's impossible to get portmap to bind to only
localhost, requiring that you use ipfw to filter it out if you
want to use it for local only services. This is due to a
bug in the portmap interface checking logic, and the PR
above fixes this problem.
It's a very, very welcome feature for the security paranoid
who nevertheless need to run portmap. I've been running the
patch for a week or so on a number of machines, and it's happy.
(It's simple enough...). PR has been hanging around since
2001.
Many thanks!
-Dave
--
work: dga@lcs.mit.edu me: dga@pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
I do not accept unsolicited commercial email. Do not spam me.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021116205324.B4590>