Re: access control for mountd, statd, and lockd?

To: Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: access control for mountd, statd, and lockd?
From: Steven Bellovin <smb%cs.columbia.edu@localhost>
Date: Sun, 7 Feb 2010 14:02:04 -0500

On Feb 7, 2010, at 1:43 PM, Thor Lancelot Simon wrote:

> On Sun, Feb 07, 2010 at 01:35:19PM -0500, Steven Bellovin wrote:
>> 
>> I suspect that the others need their own libwrap support and/or a -p option.
> 
> I don't see how a -p option could work with standard RPC clients.

It would certainly take unusual code, like what mountd has.  Should there be 
libwrap code in the RPC library?  Should an optional port-number mapping file 
be consulted by svc_create?  I'm unhappy with the thought of network services 
with no access control at all.

                --Steve Bellovin, http://www.cs.columbia.edu/~smb

Follow-Ups:
- Re: access control for mountd, statd, and lockd?
  - From: Chuck Swiger

References:
- access control for mountd, statd, and lockd?
  - From: Steven Bellovin
- Re: access control for mountd, statd, and lockd?
  - From: Thor Lancelot Simon
- Re: access control for mountd, statd, and lockd?
  - From: Steven Bellovin
- Re: access control for mountd, statd, and lockd?
  - From: Thor Lancelot Simon
- Re: access control for mountd, statd, and lockd?
  - From: Steven Bellovin
- Re: access control for mountd, statd, and lockd?
  - From: Thor Lancelot Simon

Prev by Date: Re: access control for mountd, statd, and lockd?
Next by Date: Latest Intel integrated gfx chipsets (or nVidia)
Previous by Thread: Re: access control for mountd, statd, and lockd?
Next by Thread: Re: access control for mountd, statd, and lockd?
Indexes:

Home | Main Index | Thread Index | Old Index