From owner-cvs-lib Sat Jul 13 13:23:35 1996
Return-Path: owner-cvs-lib
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA09197 for cvs-lib-outgoing; Sat, 13 Jul 1996 13:23:35 -0700 (PDT)
Received: (from wpaul@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA09174; Sat, 13 Jul 1996 13:23:20 -0700 (PDT)
Date: Sat, 13 Jul 1996 13:23:20 -0700 (PDT)
From: Bill Paul
Message-Id: <199607132023.NAA09174@freefall.freebsd.org>
To: CVS-committers, cvs-all, cvs-lib
Subject: cvs commit: src/lib/libc/yp yplib.c
Sender: owner-cvs-lib@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

wpaul       96/07/13 13:23:17

  Modified:    lib/libc/yp  yplib.c
  Log:
  In _yp_dobind(), if we find ourselves required to contact the local
  ypbind directly in order to obtain binding information, check that the
  local ypbind is using a reserved port and return YPERR_YPBIND if it
  isn't. We should not trust any ypbind running on a port >=
  IPPORT_RESERVED; it may have been started by a malicious user hoping
  to trick us into talking to a bogus ypserv.

  Note that we do not check the ypserv port returned to us from ypbind.
  It is assumed that ypbind has already done a reserved port test (or
  not, depending on whether or not it was started with -s); if we trust
  the authenticity of the local ypbind, we should also trust its
  judgement.

  Obtained from: OpenBSD

  Revision  Changes    Path
  1.24      +18 -0     src/lib/libc/yp/yplib.c
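
The reserved-port test described in the commit log above, sketched as an added example; this is not the code from this commit or from OpenBSD. The helper names are hypothetical, YPERR_YPBIND is defined locally with the value from <rpcsvc/ypclnt.h>, and rejecting NULL, non-AF_INET addresses and port 0 is this example's own addition.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

#ifndef YPERR_YPBIND
#define YPERR_YPBIND 10 /* as in <rpcsvc/ypclnt.h>; local so this builds without it */
#endif

/* Hypothetical helper: 0 if the address may be trusted as the local ypbind,
 * YPERR_YPBIND otherwise. */
int binder_port_trusted(const struct sockaddr_in *sin)
{
    unsigned port;
    if (sin == NULL || sin->sin_family != AF_INET)
        return YPERR_YPBIND;
    /* sin_port is in network byte order. Compared raw on a little-endian
     * host, port 2049 (bytes 08 01) reads as 264 and would pass the test. */
    port = ntohs(sin->sin_port);
    if (port == 0 || port >= IPPORT_RESERVED)
        return YPERR_YPBIND;
    return 0;
}

/* Same check for a connected socket, using the peer address the kernel reports. */
int binder_fd_trusted(int fd)
{
    struct sockaddr_in sin;
    socklen_t len = sizeof(sin);
    if (getpeername(fd, (struct sockaddr *)&sin, &len) != 0 || len < sizeof(sin))
        return YPERR_YPBIND;
    return binder_port_trusted(&sin);
}

/* Constructed sample input: 127.0.0.1 with the given host-order port. */
struct sockaddr_in sample_binder(unsigned short port)
{
    struct sockaddr_in sin;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sin.sin_port = htons(port);
    return sin;
}

int main(void)
{
    struct sockaddr_in hi = sample_binder(2049);
    printf("port 2049 -> %d\n", binder_port_trusted(&hi));
    return 0;
}
```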