On Mon, May 2, 2011 at 5:00 PM, Lukas Huba <[email protected]> wrote: >> 1st, checking for ports < 1024 on remote calls is nearly pointless: >> it is a verstige of the era when the case of *unprivileged* user >> attacking over network was a usual case. These days, remote attackers >> usually will have no trouble using a machine where they have root >> (such as using their own laptop...). > It's for local applications. Only user with root privileges can have port < > 1024. > >> Since we use such a small subset here, maybe we just open-code it? > What exactly do you mean?
I mean: this program uses only five svc_FOO functions: svc_getcaller svc_getargs svc_sendreply svc_register svc_run If we simply reimplement them - sanely, so that they support arbitrary sockaddrs (meaning: IPv6 and more) - we do not need to use ones from libc. Another advantage is that then we can link against small libcs which may lack these functions - these functions are not POSIX/SUS, right? Their source can be found in glibc or uclibc. For uclibc, see libc/inet/rpc/*.c files in uclibc tree. -- vda _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
