[src/netbsd-1-4]: src/usr.sbin/portmap pull up rev 1.25 from trunk (requested...
details: https://anonhg.NetBSD.org/src/rev/7f1a1089f6dd
branches: netbsd-1-4
changeset: 470668:7f1a1089f6dd
user: cgd <cgd%NetBSD.org@localhost>
date: Mon Jun 26 01:27:53 2000 +0000
description:
pull up rev 1.25 from trunk (requested by sommerfeld):
Fix a hole in the portmap libwrap access control. The new code
disallows all indirect calls to the portmapper except for
PMAPPROC_NULL unless the -i (insecure) flag has been specified.
While there, add a new flag, -p (paranoid) which also disallows
indirect calls to a small number of other services, including
key parts of NFS and NIS.
diffstat:
usr.sbin/portmap/portmap.c | 43 ++++++++++++++++++++++++++++++++++++++-----
1 files changed, 38 insertions(+), 5 deletions(-)
diffs (114 lines):
diff -r c84edda599fb -r 7f1a1089f6dd usr.sbin/portmap/portmap.c
--- a/usr.sbin/portmap/portmap.c Sun Jun 04 14:31:13 2000 +0000
+++ b/usr.sbin/portmap/portmap.c Mon Jun 26 01:27:53 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: portmap.c,v 1.19 1999/03/12 18:06:12 christos Exp $ */
+/* $NetBSD: portmap.c,v 1.19.2.1 2000/06/26 01:27:53 cgd Exp $ */
/*-
* Copyright (c) 1990, 1993
@@ -44,7 +44,7 @@
#if 0
static char sccsid[] = "@(#)portmap.c 8.1 (Berkeley) 6/6/93";
#else
-__RCSID("$NetBSD: portmap.c,v 1.19 1999/03/12 18:06:12 christos Exp $");
+__RCSID("$NetBSD: portmap.c,v 1.19.2.1 2000/06/26 01:27:53 cgd Exp $");
#endif
#endif /* not lint */
@@ -87,6 +87,8 @@
* Mountain View, California 94043
*/
+#define PARANOID_LIST
+
/* who to suid to if -s is given */
#define RUN_AS "daemon"
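Review bot: The new `#define PARANOID_LIST` is unconditional and uncommented, so the `#ifdef PARANOID_LIST` guards that the rest of this change wraps around the `-p` flag, the rpcsvc includes and the indirect-call check read as a build-time option when in practice they are always compiled in. A one-line comment would record the intent, e.g. `/* Always on: compiles in the -p (paranoid) hard-coded list of services that may not be reached through CALLIT. */`. If it is meant to be a real configuration knob it should move to the build system or be documented as such.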
@@ -110,6 +112,12 @@
#include <syslog.h>
#include <unistd.h>
+#ifdef PARANOID_LIST
+#include <rpcsvc/mount.h>
+#include <rpcsvc/nfs_prot.h>
+#include <rpcsvc/yp_prot.h>
+#endif
+
#ifdef LIBWRAP
# include <tcpd.h>
#ifndef LIBWRAP_ALLOW_FACILITY
@@ -170,6 +178,9 @@
int insecure = 0;
int runasdaemon = 0;
int verboselog = 0;
+#ifdef PARANOID_LIST
+int paranoid_hardcoded_service_list = 0;
+#endif
int
main(argc, argv)
@@ -183,7 +194,7 @@
struct pmaplist *pml;
extern char *__progname;
- while ((c = getopt(argc, argv, "dils")) != -1) {
+ while ((c = getopt(argc, argv, "dilps")) != -1) {
switch (c) {
case 'd':
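Review bot: The option string on the changed line accepts `p` unconditionally, while the `case 'p':` handler in the following hunk is wrapped in `#ifdef PARANOID_LIST`; in a build without that macro `-p` is parsed as a valid option and falls to the switch's default branch, which lies outside the hunk, so its effect cannot be confirmed here. Either guard the letter the same way or, since PARANOID_LIST is defined unconditionally earlier in this change, drop the conditional compilation around the handler and the global. The usage message is not visible in this diff and should be checked to list `-p`. main() begins before this hunk and continues after it.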
@@ -197,7 +208,11 @@
case 'l':
verboselog = 1;
break;
-
+#ifdef PARANOID_LIST
+ case 'p':
+ paranoid_hardcoded_service_list = 1;
+ break;
+#endif
case 's':
runasdaemon = 1;
break;
@@ -317,8 +332,8 @@
if (debugging)
(void)fprintf(stderr, "server: about to do a switch\n");
+
switch (rqstp->rq_proc) {
-
case PMAPPROC_NULL:
/*
* Null proc call
@@ -481,6 +496,7 @@
* This procedure is only supported on rpc/udp and calls via
* rpc/udp. It passes null authentication parameters.
*/
+
callit(rqstp, xprt);
break;
@@ -604,6 +620,23 @@
/* host and service access control */
if (!check_access(svc_getcaller(xprt), rqstp->rq_proc, a.rmt_prog))
return;
+
+ if ((a.rmt_prog == PMAPPROG) && (a.rmt_proc != PMAPPROC_NULL) && !insecure) {
+ logit(deny_severity, svc_getcaller(xprt), a.rmt_proc, a.rmt_prog,
+ ": attempt to call port mapper indirectly");
+ return;
+ }
+
+#ifdef PARANOID_LIST
+ if (paranoid_hardcoded_service_list && (a.rmt_prog == NFS_PROGRAM ||
+ (a.rmt_prog == MOUNTPROG && a.rmt_proc == MOUNTPROC_MNT) ||
+ (a.rmt_prog == YPPROG && a.rmt_proc != YPPROC_DOMAIN_NONACK))) {
+ logit(deny_severity, svc_getcaller(xprt), a.rmt_proc, a.rmt_prog,
+ ": attempt to call disallowed service indirectly");
+ return;
+ }
+#endif
+
if ((pml = find_service(a.rmt_prog, a.rmt_vers,
(u_long)IPPROTO_UDP)) == NULL)
return;
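Review bot: The two added denials carry no comment explaining why they sit after check_access() rather than inside it, and the conditions are easy to misread later: the first refuses every indirect portmapper call except PMAPPROC_NULL, the second refuses all of NFS, MOUNTPROC_MNT, and every YP procedure except YPPROC_DOMAIN_NONACK. As the commit message implies the hole is that a forwarded request presumably reaches its target with a local origin that the libwrap per-client rules cannot judge; a comment above the first `if` along the lines of `/* Requests forwarded through CALLIT are not seen by check_access() under the real caller's address; refuse indirect calls to ourselves and, with -p, to services whose access policy depends on the client address. */` would preserve that reasoning. The second log message should also name the flag that produced the denial so an operator can correlate it, e.g. `": attempt to call disallowed service indirectly (-p)"`. The enclosing function starts before this hunk.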