HardenedBSD/lib/libc/yp
Bill Paul 56d18eda29 In _yp_dobind(), if we find ourselves required to contact the local ypbind
directly in order to obtain binding information, check that the local
ypbind is using a reserved port and return YPERR_YPBIND if it isn't.
We should not trust any ypbind running on a port >= IPPORT_RESERVED;
it may have been started by a malicious user hoping to trick us into
talking to a bogus ypserv.

Note that we do not check the ypserv port returned to us from ypbind.
It is assumed that ypbind has already done a reserved port test (or not,
depending on whether or not it was started with -s); if we trust the
authenticity of the local ypbind, we should also trust its judgement.

Obtained from: OpenBSD
1996-07-13 20:23:13 +00:00
..
Makefile.inc
xdryp.c
yplib.c In _yp_dobind(), if we find ourselves required to contact the local ypbind 1996-07-13 20:23:13 +00:00