>  | does it also ban also affect sockets with SO_REUSEPORT set?  does the
>  | error occur on the bind() or the listen()?
>
>The more relevant point is that as shipped now, super-secure
>NetBSD has no telnet (or rlogin, or ...) servers running on it.
>That means that, other than privports, there's no way to stop
>any random user running a "pretend" telnet server on an out of
>the box NetBSD system.   Of course, we do have privports, so
>it is all more or less OK...   ie: privports aren't useless.

well...that may be true, but look at it like this: if i *start* a
telnet server, it's because i'm going to *have* people logging in.  if
*have* people logging in, i *don't* want them to be able to install a
fake telnetd on port 23.  or rlogind where there previously was not
one.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."