freebsd-dev/usr.sbin/ypserv
Bill Paul 42c703633d Close a potential security hole: if yp_access() is passed a map name,
have it check to see that it doesn't contain any '/' characters. This
prevents possible silliness like ypcat "../../../kernel". We already
test the domain name for this in yp_validdomain(), and ypserv itself
tests the map name in yp_open_db(), but it doesn't hurt to be paranoid
and test for it in the generic access routine too. rpc.ypxfrd does not
test the map name for slashes, but it does call yp_access() with the
map name, so this removes a potential vulnerability from there.

Also make the tests for IPPORT_RESERVED a little more selective: make
sure it trips when map == master.passwd.*, prog == YPPROC and proc ==
YPPROC_XFR, and prog == YPXFRD_FREEBSD_PROG and proc == YPXFRD_GETMAP.
Also use IPPORT_RESERVED instead of hard-coded value.
1996-09-30 22:27:00 +00:00
..
Makefile Toss the mkaliases script into the attic and remove its install 1996-09-15 00:39:20 +00:00
Makefile.yp was missing @ 1996-08-09 17:55:18 +00:00
yp_access.c Close a potential security hole: if yp_access() is passed a map name, 1996-09-30 22:27:00 +00:00
yp_dblookup.c Re-implement the DB handle cache using a circular queue and manage 1996-07-07 23:02:41 +00:00
yp_dnslookup.c Hmm, well, whaddya know? ypserv was making calls to the undocumented 1996-08-30 01:17:47 +00:00
yp_error.c Small touch-ups -- no functional changes. 1996-05-31 16:01:51 +00:00
yp_extern.h Performance enhancements (I hope) and new stuff: 1996-04-28 04:38:52 +00:00
yp_main.c Small touch-ups -- no functional changes. 1996-05-31 16:01:51 +00:00
yp_server.c Small touch-ups -- no functional changes. 1996-05-31 16:01:51 +00:00
ypserv.8 Use the .Fx macro where appropriate. 1996-08-23 00:57:08 +00:00