Subject: Re: Requests to lpd from non-reserved ports rejected (& other q's)
To: Brett Lymn <blymn@baesystems.com.au>
From: Rafal Boni <rafal@mediaone.net>
List: current-users
Date: 05/17/2001 10:06:29
In message <200105171328.WAA03109@mallee.awadi>, Brett writes: 

-> According to Rafal Boni:
-> >
-> >My chief complaint so far is that `lpd' categorically rejects requests 
-> >originating from non-reserved ports as "Malformed".   Other than the
-> >dubious amount of security this gives you, is there some other reason
-> >for rejecting these requests?
-> >
-> 
-> Not that I know of apart from tradition - the lpd in SunOS 4.1.3 does
-> the same thing so it was probably a Berkley thing.  In this day of
-> easily having your own unix like machine and/or a wintel box which
-> does not enforce the "reserved port" paradigm make the security aspect
-> laughable.

[...]
-> Probably the source port check should just die.

I thought the same thing, but thought I'd err on the conservative side
just to minimize the number of toes stepped on 8-)

--rafal

----
Rafal Boni                                                  rafal@mediaone.net