Subject: Re: changed files: 'src/usr.sbin/yp/ypbind ypbind.c'
To: None <deraadt@sun-lamp.cs.berkeley.edu, glass@sun-lamp.cs.berkeley.edu>
From: Theo Deraadt <deraadt>
List: source-changes
Date: 11/15/1993 00:29:30
> > ypset should only be permitted from a reserved port.
> > from Tor Egge <tegge@pvv.unit.no>

> there should be a ypbind command line switch to turn this off.  As you
> know, non-pure unix machines, and pcs don't follow this rule.  See
> the '-n' switch to mountd.

no, this is a good fix.

this change only affects the "ypset" command (a command which
arguably should not exist, but does.. thanks, sun :-)

without this fix, anyone anywhere would be able to ypset your ypbind,
causing it to bind to a server anywhere in the world. this is not-good,
and i'm kinda ashamed that this hole existed!

I'm now thinking there might be other similar security holes in ypbind..

------------------------------------------------------------------------------
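Added example, not part of the original message and not the actual ypbind.c change: a minimal C sketch of the reserved-port test discussed above, applied to the caller address of an incoming request. The names ypset_caller_ok and make_caller and the sample address 192.0.2.10 are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Hypothetical helper: returns 1 if a ypset request from `from`
 * came from a reserved source port, 0 if it must be refused. */
int ypset_caller_ok(const struct sockaddr_in *from)
{
    if (from == NULL || from->sin_family != AF_INET)
        return 0;
    /* sin_port is stored in network byte order. Comparing it without
     * ntohs() gives the wrong answer on little-endian hosts. */
    unsigned port = ntohs(from->sin_port);
    /* Reserved ports are those below IPPORT_RESERVED (1024). */
    return port < IPPORT_RESERVED;
}

/* Build a constructed caller address for the demonstration. */
struct sockaddr_in make_caller(const char *ip, unsigned short port)
{
    struct sockaddr_in sin;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_port = htons(port);
    inet_pton(AF_INET, ip, &sin.sin_addr);
    return sin;
}

int main(void)
{
    /* Constructed sample source ports, on both sides of the limit. */
    unsigned short ports[] = { 600, 1023, 1024, 40000 };
    for (size_t i = 0; i < sizeof(ports) / sizeof(ports[0]); i++) {
        struct sockaddr_in c = make_caller("192.0.2.10", ports[i]);
        printf("ypset from source port %u: %s\n", (unsigned)ports[i],
               ypset_caller_ok(&c) ? "accept" : "reject");
    }
    return 0;
}
```

The test only establishes that the sender was able to bind a port below 1024; as the quoted reply points out, non-Unix machines and PCs do not follow that rule.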