Subject: Re: pseudo-shadowing of passwords with ypserv?
To: Luke Mewburn <lukem@goanna.cs.rmit.edu.au>
From: Simon J. Gerraty <sjg@quick.com.au>
List: tech-security
Date: 10/07/1998 13:37:38
>the problem i see with your suggestion is that can you guarantee that
>non *bsd clients will work; i.e, do all their clients bind to <1024
>if euid==0? i believe that netbsd does it because it was modified
>so that if euid==0 it binds a reserved port otherwise it binds
>a non reserved port.
In Sun's reference implementation:
/* @(#)clnt_tcp.c 2.2 88/08/01 4.0 RPCSRC */
/* @(#)clnt_udp.c 2.2 88/08/01 4.0 RPCSRC */
always attempt to bind a reserved port.
So I'd say its reasonable to expect most implementations
to do the same.
--sjg