by Wietse Venema
Categories: Access Control, Applications, Replacement, RPC
This is a rpcbind replacement with access control in the style of the tcp/ip daemon wrapper (log_tcp) package. It provides a simple mechanism to discourage remote access to the NIS (YP), NFS, and other rpc services. It also has host access control on IP addresses. Note that the local host is considered authorized and host access control requires the libwrap.a library that comes with recent tcp/ip daemon wrapper (log_tcp) implementations. If a port requests that are forwarded by the rpcbind process will be forwarded through an unprivileged port. In addition, the rpcbind process refuses to forward requests to rpc daemons that do, or should, verify the origin of the request: at present. The list includes most of the calls to the NFS mountd/nfsd daemons and the NIS daemons

Comments Mode:
Cool 2005-05-05


Privacy Statement
Copyright 2010, SecurityFocus