From 0210f16cf1bd2f87b7fe4336311c6dfd88030f8b Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Mon, 16 Apr 2007 11:15:40 +1000 Subject: Be more cautious about use for privilege ports (<1024). Ports < 1024 are a scarce resource and should not be used carelessly. Technically they should be not used at all without registration with IANA, but sometimes we need them despite that. So: for the socket that RPC services listen on, don't use a <1024 port by default. There is no need. For sockets that we send messages on, that are long-lived, and that might need to appear 'privileged', avoid using a number that is registered in /etc/services if possible. --- support/nfs/svc_socket.c | 3 --- 1 file changed, 3 deletions(-) (limited to 'support/nfs/svc_socket.c') diff --git a/support/nfs/svc_socket.c b/support/nfs/svc_socket.c index 6799d16..f44217a 100644 --- a/support/nfs/svc_socket.c +++ b/support/nfs/svc_socket.c @@ -101,8 +101,6 @@ svc_socket (u_long number, int type, int protocol, int reuse) } else { - if (bindresvport (sock, &addr)) - { addr.sin_port = 0; if (bind (sock, (struct sockaddr *) &addr, len) < 0) { @@ -110,7 +108,6 @@ svc_socket (u_long number, int type, int protocol, int reuse) (void) __close (sock); sock = -1; } - } } if (sock >= 0) -- cgit