tech-security: re: libwrap (was Re: amd vulnerability: patch for 1.3.3)

Subject: re: libwrap (was Re: amd vulnerability: patch for 1.3.3)
To: Brian C. Grayson <bgrayson@marvin.ece.utexas.edu>
From: matthew green <mrg@eterna.com.au>
List: tech-security
Date: 10/18/1999 16:52:42

  by redmail.netbsd.org with SMTP; 18 Oct 1999 06:52:53 -0000
	by splode.eterna.com.au (Postfix) with ESMTP
	id 0FD6D3C88; Mon, 18 Oct 1999 16:52:42 +1000 (EST)
To: "Brian C. Grayson" <bgrayson@marvin.ece.utexas.edu>
Cc: Manuel Bouyer <bouyer@antioche.lip6.fr>,
	tech-security@netbsd.org, itojun@iijlab.net
subject: re: libwrap (was Re: amd vulnerability: patch for 1.3.3) 
in-reply-to: your message of "Mon, 18 Oct 1999 01:48:04 EST."
             <19991018014804.A19607@marvin.ece.utexas.edu> 
organisation: people's front against (bozotic) www (softwar foundation)
x-other-organisation: The NetBSD Foundation.
Date: Mon, 18 Oct 1999 16:52:42 +1000
Message-ID: <16517.940229562@eterna.com.au>
From: matthew green <mrg@eterna.com.au>

   
     Thanks.  It should be feasible to check against both portmap
   and the specific service, via two checks -- "portmap" and
   getrpcbynumber(prog).  Would this be worth coding up?

wouldn't this require hacking each program ?  i'm not saying this
_isn't_ worthwhile (mountd access lists would be nice, eg :-), but
that it is not a localised change ...?