Bug 4558
Summary: | Portmapper Deosn't obey *names* in hosts.allow/deny | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Joshua Jensen <joshua> |
Component: | portmap | Assignee: | David Lawrence <dkl> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.0 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 1999-08-17 16:12:40 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Joshua Jensen
1999-08-17 00:23:48 UTC
RPC services such as portmap by default does not do name lookups to avoid deadlocks. Therefore only network number patterns will work for portmap access control. Example: /etc/hosts.allow: portmap: your.sub.net.number/your.sub.net.mask portmap: 255.255.255.255 0.0.0.0 /etc/hosts.deny portmap: ALL: (/some/where/safe_finger -l @%h | mail root) & Try using IP's instead of names and also you can turn on verbose logging by running portmap with the -v switch and then viewing what may be going wrong in /var/log/messages. The above information was found in /usr/doc/portmap-4.0/README. |