On Thu, 2007-01-25 at 00:50 +0100, Jan Engelhardt wrote: > Hello list, > > > I just don't know where else I could send this, it's sooo generic to > Linux and UNIX (perhaps blame SUN for inventing portmap?) > Well, here goes... > > As we all know, mountd and other SUNRPC (I question this invention too) > services are at a fixed RPC port number (/etc/rpc) which are mapped > to a random TCP/UDP port, and the application doing the mappings is > portmap. This random TCP/UDP port selection is what makes it suck. > > Already twice in 6 months, it has occurred to me that mountd was > assigned to vital TCP ports, among which there was: > > 631/tcp causing > - cups could not start up properly > - samba went into an infinite loop upon startup trying > to access port 631 with IPP > > There are a number of common ports in the 512-1023 range. All > obsolescence and meaninglessness aside, there _are_ rather "important" > services in that range, ldaps, rtsp, kerberos, rsync, ftps, imaps, just > to name a few from /etc/services. This map-to-random-port behavior is a > total DoS thing. > > Not starting portmap until boot has finished does not work. Think > of importing NFS beforehand (/usr, anyone?). Even if, your admin would > be very puzzled if he finds that normally-disabled daemons cannot be > started at any later time. > > At best I'd obsolete the whole SUNRPC stuff, do away with portmap (and > just use TCP/UDP port numbers already) and have a LOT of code simplified > (portmap registration for knfsd, to name a prime example). > Or at least give it fixed TCP/UDP/etc. port numbers too.
1) What the hell does this have to do with the kernel mailing list? 2) Then assign a bloody port number to mountd, and stick to it. Why do you think there is a '-p' command line option in the first place? Trond - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
