[README] [README.j] [README.sh] [make] [Makefile] [Ìá¤ë]

@(#) BLURB 1.3 93/11/21 17:41:40

This is the third replacement portmapper release.

There is an increasing interest in access control for the NIS, mount
and other RPC-based services that are normally registered with the
portmap process. Possible attacks on RPC daemons involve:

    - theft of NIS (YP) password files

    - ypset to force hosts to bind to a rogue NIS (YP) server

    - theft of NFS file handles

My contribution is a replacement portmap program, derived from source
code in the RPCSRC 4.0 and the TIRPC source distributions.  Access
control is in the style of my tcp wrapper (log_tcp) package. It should
work with all SunOS 4.x and Ultrix >= 3.0 releases. However, the source
is reasonably portable and the code should work on most UNIX systems
that provide SUNRPC on top of BSD-style TCP/IP. System V.4 support is
problematic, though.

The present portmap version attempts to close all portmap security
problems that are known to me. It should be as secure as the portmap
daemon that comes with the SunOS 4.x portmap+NIS patch (patch id
100482-02). The README file gives a complete list of security
features.

Without the availability of portmap source, possible alternatives are
1) packet filtering with a smart router; 2) linking the portmap
executable against the securelib shared library. Linking RPC daemons
against the securelib library is a good idea, anyway.

The source is available for anonymous FTP from ftp.win.tue.nl directory
/pub/security/portmap_*.shar.Z.

	Wietse Venema (wietse@wzv.win.tue.nl)
	Mathematics and Computing Science
	Eindhoven University of Technology
	The Netherlands