Suggestion for an altered portmap package
Troels Arvin
troels at arvin.dk
Thu Aug 12 08:17:37 UTC 2004
On Wed, 11 Aug 2004 17:21:49 -0700, David Kewley wrote:
> portmap uses tcp-wrappers, so you can use /etc/hosts.{allow,deny} to
> control which packets you process. Yes, portmap still listens on all
> interfaces, but if I understand tcp-wrappers correctly, portmap won't be
> asked to process any disallowed packets.
Still, if there is a security bug in the code accepting UDP trafic on port
111, then I would still be at risk.
Almost all daemons in Fedora can be told not to listen on public
interfaces. Portmap is one of the few exceptions, and I'd like to correct
that.
--
Greetings from Troels Arvin, Copenhagen, Denmark
More information about the fedora-devel-list
mailing list