From: Steve Dickson <SteveD@redhat.com>
To: Olaf Kirch <okir@suse.de>
Cc: nfs@lists.sourceforge.net, akpm@osdl.org
Subject: Re: [PATCH] Fix xprt_bindresvport
Date: Sun, 17 Jul 2005 07:36:38 -0400 [thread overview]
Message-ID: <42DA42C6.1020005@RedHat.com> (raw)
In-Reply-To: <20050716071144.GA7451@suse.de>
Olaf Kirch wrote:
> On Thu, Jul 14, 2005 at 12:00:11PM -0400, Steve Dickson wrote:
>
>>Question, why is 65535 one being used here instead of something
>>like 1023 (or PROT_SOCK-1)? Since since inet_bind() will only
>>succeed with a source ports that are less than PROT_SOCK, so it
>>may not make sense to allow the user to set the max reserver port
>>to a value greater than PROT_SOCK-1, true?
>
>
> I don't understand. Of course you can bind to any socket up to 65535,
> not just 1023.
Understood... but ports > 1023 are not considered privileged and
connections that are not using privilege ports will not be accepted
by a number of RPC daemon..
> And in an environment where the admin doesn't care for privileged
> vs unprivileged ports, it's good to give him the choice of allowing
> the kernel to bind to any port.
If such an environment exists, then I agree... but I don't think this
is the norm... I'm pretty sure a lot of RPC daemons check for
privileged port by default... Something I don't think admits can
turn off...
Don't get me wrong, I really like the idea of being able to define
the range of privileged ports the kernel can use (I think it will be
very handy), but by definition a privileged port is between 1 and 1023
and by setting the max port to 1023 we would be maintaining that
definition...
steved.
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
next prev parent reply other threads:[~2005-07-17 11:36 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-11 9:25 [PATCH] Fix xprt_bindresvport Olaf Kirch
2005-07-11 12:13 ` Trond Myklebust
2005-07-14 16:00 ` Steve Dickson
2005-07-16 7:11 ` Olaf Kirch
2005-07-17 11:36 ` Steve Dickson [this message]
2005-07-17 20:49 ` Peter Åstrand
-- strict thread matches above, loose matches on Subject: below --
2005-07-17 16:02 Lever, Charles
2005-07-17 16:45 ` Olaf Kirch
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42DA42C6.1020005@RedHat.com \
--to=steved@redhat.com \
--cc=akpm@osdl.org \
--cc=nfs@lists.sourceforge.net \
--cc=okir@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox