This is the mail archive of the
libc-alpha@sourceware.cygnus.com
mailing list for the glibc project.
Re: [han.holl@pobox.com] libc/1172: rresvport should avoid well known ports
Thorsten Kukuk wrote:
>
> On Fri, Jun 25, Han Holl wrote:
> >
> > Is there anything very wrong with my earlier suggestion to use
> > getservbyport() ?
> >
> > A system administrator could decide to edit in/out the ports (s)he
> > wants reserved for well known daemons/ free for dynamic assignment.
> >
> > Am I missing something here ?
>
> Yes. For example as Systemvedor like Sun or as Linux Distributor you
> should add all reserved numbers to /etc/services. What happens if
> nearly all numbers are assigned in this range ? The system couldn't
> boot, you couldn't make queries from a reserved port, ...
> Your system is unuseable.
>
I think you exaggerate: here's the list of tcp ports from the
/etc/services
list that came with RedHat 6.0:
npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS
npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS
hmmp-ind 612/tcp dqs313_intercell# HMMP Indication / DQS
kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
webster 765/tcp # Network dictionary
kerberos4 750/tcp kerberos-iv kdc # Kerberos (server) tcp
kerberos_master 751/tcp # Kerberos authentication
krb_prop 754/tcp # Kerberos slave propagation
krbupdate 760/tcp kreg # Kerberos registration
kpasswd 761/tcp kpwd # Kerberos "passwd"
supfilesrv 871/tcp # SUP server
ssl-ldap 636/tcp # LDAP over SSL
omirr 808/tcp omirrd # online mirror
rsync 873/tcp # rsync
simap 993/tcp # IMAP over SSL
spop3 995/tcp # POP-3 over SSL
swat 901/tcp # Add swat service used
via inetd
That 17 ports out of 424.
System administrators who run into trouble because they are using a
_lot_ of daemons in this region should be able to edit /etc/services.
But think of the grief of a novice user trying to use swat with 901
in use with rpc.mountd. It will just _hang_, I guess.
Regards,
Han Holl