I'm trying to duplicate the functionality of rsh, mount,
etc., which restricts incoming requests to a server to the
reserved ports below 1024 which only root on the client
machine can allocate. Only root (netcat) on a client
machine will be able to allocate a reserved port.
The server gets the remote host and port name via getpeername.
If the port number is not less than 1024 and from the
expected client, the request is rejected.
Yes, I know this is not the best security, but it is sufficient
for my purposes, given that other security mechanisms
such as encryption can still be compromised by root on
the client machine.
What would be useful would be a range of port numbers
specified on the port switch (e.g. -p 1023-512 look from
1024 downwards for a reserved port or -p 512-1023 ).
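A sketch of the two halves the request above describes, added here as an illustration and not taken from netcat or from the poster: the server-side getpeername check and a client-side bind that walks a port range in either direction. The function names are hypothetical, and the code assumes IPv4 and the Unix convention that only root can bind ports below 1024.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

#define RESERVED_LIMIT 1024   /* ports below this need root to bind on Unix */

/* Policy: peer must be the expected IPv4 host and use a reserved source port. */
int peer_allowed(const struct sockaddr_in *peer, in_addr_t expected_host)
{
    unsigned port = ntohs(peer->sin_port);
    if (peer->sin_family != AF_INET) return 0;
    if (peer->sin_addr.s_addr != expected_host) return 0;
    return port > 0 && port < RESERVED_LIMIT;
}

/* Server side: ask the kernel who is on the other end of an accepted socket.
 * Any lookup failure is treated as a rejection. */
int accept_check(int conn_fd, in_addr_t expected_host)
{
    struct sockaddr_in peer;
    socklen_t len = sizeof peer;
    memset(&peer, 0, sizeof peer);
    if (getpeername(conn_fd, (struct sockaddr *)&peer, &len) != 0) return 0;
    if (len < sizeof peer) return 0;
    return peer_allowed(&peer, expected_host);
}

/* Client side: try first..last in the order given (1023-512 walks downwards,
 * 512-1023 upwards). Returns the bound port, or -1 if none could be bound. */
int bind_port_range(int fd, int first, int last)
{
    int step = first <= last ? 1 : -1;
    if (first < 1 || first > 65535 || last < 1 || last > 65535) return -1;
    for (int p = first; ; p += step) {
        struct sockaddr_in local;
        memset(&local, 0, sizeof local);
        local.sin_family = AF_INET;
        local.sin_addr.s_addr = htonl(INADDR_ANY);
        local.sin_port = htons((unsigned short)p);
        if (bind(fd, (struct sockaddr *)&local, sizeof local) == 0) return p;
        if (errno != EADDRINUSE) return -1;  /* e.g. EACCES when not root */
        if (p == last) return -1;            /* whole range is in use */
    }
}
```

The client calls bind_port_range on its socket before connect; the server calls accept_check on each descriptor returned by accept and closes the connection when it returns 0.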