Date: Fri, 24 May 2002 10:58:58 -0600 From: Ian <freebsd@damnhippie.dyndns.org> To: <hackers@freebsd.org> Subject: portmap, rpcbind, and open PRs Message-ID: <B913CD71.D464%freebsd@damnhippie.dyndns.org>
next in thread | raw e-mail | index | archive | help
There are two open PRs relating to portmap (in 4.x) not allowing you to specify on the command line that it should bind only to the localhost interface (bin/30235, bin/34919). Of the two, I think the patch included with 30235 is the cleaner solution. However, it appears that -CURRENT doesn't use portmap at all, it uses rpcbind, which doesn't have any config options for binding only to given IP addresses. (I think that's a serious deficiency, personally.) I guess the new way of things is to use tcpwrappers or firewall rules to protect rpcbind. If there's mileage in fixing portmap for the remaining lifetime of FreeBSD 4.x, then I'd recommend applying the patch in PR 30235 and closing the other PR. (I guess this should be done after the 4.6 release.) If there's no point in fixing it at this late date, both PRs should probably be closed. -- Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B913CD71.D464%freebsd>