Re: perl or libc6 bug?: getpwnam('root') in NIS environment

To: debian-devel@lists.debian.org
Subject: Re: perl or libc6 bug?: getpwnam('root') in NIS environment
From: miquels@cistron.nl (Miquel van Smoorenburg)
Date: 15 Apr 1999 13:03:12 +0200
Message-id: <[🔎] 7f4h1g$nja$1@Q.cistron.nl>
In-reply-to: <[🔎] ytt676yhlmy.fsf@gilgamesh.cse.ucsc.edu>

In article <cistron.ytt676yhlmy.fsf@gilgamesh.cse.ucsc.edu>,
Ben Gertzfield  <che@debian.org> wrote:
>    Miquel> You mean that it's not meaningful on a windows box. It's
>    Miquel> useless for NIS aas well - it's too slow. I've tried to
>    Miquel> use ident for NIS security - slow, as I said.
>
>Just curious, but how do you then determine the user that's accessing
>the maps?

Well it turns out that Sun RPC (which basically is also used by Linux libc)
always tries to bind to a priviliged port before sending any RPC packet.
That means that all RPC requests will originate from a reserved port if
a root process did the request and from a non-reserved port if joe user
did the request ...

Still this is only safe if you can trust the remote host. Never configure
NIS access for an entire subnet if there are Macs, PCs or user-owned/adminned
Linux boxes on it.

Mike.
-- 
Indifference will certainly be the downfall of mankind, but who cares?

Reply to:

References:
- Re: perl or libc6 bug?: getpwnam('root') in NIS environment
  - From: Ben Gertzfield <che@debian.org>

Prev by Date: Re: perl or libc6 bug?: getpwnam('root') in NIS environment
Next by Date: ipopd & qpopper
Previous by thread: Re: perl or libc6 bug?: getpwnam('root') in NIS environment
Next by thread: Re: perl or libc6 bug?: getpwnam('root') in NIS environment
Index(es):
- Date
- Thread