Subject: Re: $HOSTALIASES thing.
To: Andrew Brown <email@example.com>
From: None <firstname.lastname@example.org>
Date: 11/04/2000 15:59:02
>that isn't so much the problem, but that joe user can do
> s = socket();
> sa.s_port = htons(23);
> sa.s_addr = <your_ip_address>;
> bind(s, &sa);
>and catch all inbound telnet attempts since inetd only listens on
>IN_ADDR_ANY. that's bad, and, for example, *anyone* can do that to
>your x server since it listens on *.6000.
the above (bind to specific address while someone is bound to
wildcard) was banned with sys/netinet/in_pcb.c revision 1.58