Re: new security model (was Re: [CONTRIB] listenwrap)

[Randy Terbush <ra...@covalent.net>]

On Sat, Nov 22, 1997 at 06:29:16PM -0800, Dean Gaudet wrote:
> No it's still in the infancy stages ... listenwrap is the beginnings of
> it, but that's all I've got so far.  I had to stop using it as well
> because I was getting into "bind: Address already in use" situations on
> restart that made no sense.  I've got to look into why they were occuring. 
> I think it's erroneous bind logic in the linux kernel, the logic that was
> put in there due to the port 2049 NFS attack a year or so ago.  (The
> attack where, on essentially every Unix out there, you can use bind() to
> bind to a more specific IP address, port 2049, and steal NFS packets.) 
> 
> I've got a few more thoughts at
> <http://www.arctic.org/~dgaudet/apache/tomahawk/thoughts>.  But I haven't
> summarized everything there yet, especially not the stuff from this
> thread. 

Cool. I'm spending my evening in your personal web pages. 

I've hit a milestone with my current setup and need to find a way to
extend the current model.

> I'm partying too much lately, not getting any apache work done ;) 

:-) Must be the burning man influence...