Date: Sat, 13 Jul 1996 13:23:20 -0700 (PDT)
From: Bill Paul <wpaul>
To: CVS-committers, cvs-all, cvs-lib
Subject: cvs commit: src/lib/libc/yp yplib.c
Message-ID: <199607132023.NAA09174@freefall.freebsd.org>

wpaul       96/07/13 13:23:17

  Modified:    lib/libc/yp  yplib.c
  Log:
  In _yp_dobind(), if we find ourselves required to contact the local
  ypbind directly in order to obtain binding information, check that the
  local ypbind is using a reserved port and return YPERR_YPBIND if it
  isn't. We should not trust any ypbind running on a port >=
  IPPORT_RESERVED; it may have been started by a malicious user hoping
  to trick us into talking to a bogus ypserv.

  Note that we do not check the ypserv port returned to us from ypbind.
  It is assumed that ypbind has already done a reserved port test (or
  not, depending on whether or not it was started with -s); if we trust
  the authenticity of the local ypbind, we should also trust its
  judgement.

  Obtained from: OpenBSD

  Revision  Changes    Path
  1.24      +18 -0     src/lib/libc/yp/yplib.c
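
The reserved-port test described in the log message, as an added example that is not the code from yplib.c or from OpenBSD. The helper names and EX_YPERR_YPBIND are hypothetical stand-ins; the port-0 rejection is an extra assumption (a portmapper lookup reports 0 for an unregistered service), and the raw variant is included only to show the byte-order mistake that defeats the check.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Constructed stand-in for the error named in the commit message; real
 * code would use YPERR_YPBIND from <rpcsvc/ypclnt.h>. */
#define EX_YPERR_YPBIND 10

/* Hypothetical helper: 0 if the address the local binder answered on may
 * be trusted, EX_YPERR_YPBIND otherwise. */
int check_binder_addr(const struct sockaddr_in *sin)
{
    if (sin == NULL || sin->sin_family != AF_INET)
        return EX_YPERR_YPBIND;
    /* sin_port is stored in network byte order: convert before comparing. */
    uint16_t port = ntohs(sin->sin_port);
    /* Port 0 is "not registered"; >= IPPORT_RESERVED can be bound by any
     * unprivileged user, so neither proves a root-started daemon. */
    if (port == 0 || port >= IPPORT_RESERVED)
        return EX_YPERR_YPBIND;
    return 0;
}

/* Flawed variant for contrast: compares the raw network-order field. On a
 * little-endian host port 1024 is stored as 0x0004 and slips through. */
int check_binder_addr_raw(const struct sockaddr_in *sin)
{
    return sin->sin_port >= IPPORT_RESERVED ? EX_YPERR_YPBIND : 0;
}

/* Constructed sample input: a loopback address with a host-order port. */
struct sockaddr_in make_local(uint16_t host_port)
{
    struct sockaddr_in sin;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sin.sin_port = htons(host_port);
    return sin;
}

int main(void)
{
    const uint16_t ports[] = { 0, 714, 1023, 1024, 40000 };
    for (size_t i = 0; i < sizeof(ports) / sizeof(ports[0]); i++) {
        struct sockaddr_in sin = make_local(ports[i]);
        printf("port %5u: checked=%d raw=%d\n", (unsigned)ports[i],
               check_binder_addr(&sin), check_binder_addr_raw(&sin));
    }
    return 0;
}
```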