mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-23 01:53:46 +01:00
56d18eda29
directly in order to obtain binding information, check that the local ypbind is using a reserved port and return YPERR_YPBIND if it isn't. We should not trust any ypbind running on a port >= IPPORT_RESERVED; it may have been started by a malicious user hoping to trick us into talking to a bogus ypserv. Note that we do not check the ypserv port returned to us from ypbind. It is assumed that ypbind has already done a reserved port test (or not, depending on whether or not it was started with -s); if we trust the authenticity of the local ypbind, we should also trust its judgement. Obtained from: OpenBSD |
||
---|---|---|
.. | ||
Makefile.inc | ||
xdryp.c | ||
yplib.c |