From serge@jbj.org Mon Sep 8 19:08:44 1997 Received: from serge.jbj.org (serge.JBJ.ORG [198.178.231.60]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id TAA24574 for ; Mon, 8 Sep 1997 19:08:41 -0700 (PDT) Received: (from serge@localhost) by serge.jbj.org (8.8.6/8.6.12) id WAA04715; Mon, 8 Sep 1997 22:08:34 -0400 (EDT) Message-Id: <199709090208.WAA04715@serge.jbj.org> Date: Mon, 8 Sep 1997 22:08:34 -0400 (EDT) From: Serge Pashenkov Reply-To: serge@jbj.org To: FreeBSD-gnats-submit@freebsd.org Subject: mount_nfs always uses priviledged port X-Send-Pr-Version: 3.2 >Number: 4500 >Category: bin >Synopsis: mount_nfs always uses priviledged port >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Sep 8 19:10:01 PDT 1997 >Closed-Date: Sun Oct 19 18:40:13 MEST 1997 >Last-Modified: Sun Oct 19 18:42:11 MEST 1997 >Originator: Serge Pashenkov >Release: FreeBSD 2.2-STABLE i386 >Organization: >Environment: 2.2 stable circa Sep 8 >Description: Man page for mount_nfs says -P option fprces prov port to be used, for probably some security reasons, making me believe that no -P options means no priv port, but in fact in always takes priv port anyeyas. It would not be a problem (or rather doc problem), but together with kern/4327 it makes using Solaris 2.5 server impossible. >How-To-Repeat: Just mount any NFS file system on FreeBSD 2.2 stable as client and look at netstat to confirm that indeed the port on the client side is always under 1024 regardless of -P option. >Fix: Following just changes default: RCS file: /spare/ncvs/src/sbin/mount_nfs/mount_nfs.c,v retrieving revision 1.14.2.2 diff -c -r1.14.2.2 mount_nfs.c *** mount_nfs.c 1997/05/14 12:06:34 1.14.2.2 --- mount_nfs.c 1997/08/17 21:51:54 *************** *** 149,155 **** 0, (u_char *)0, 0, ! NFSMNT_RESVPORT, NFS_WSIZE, NFS_RSIZE, NFS_READDIRSIZE, --- 149,155 ---- 0, (u_char *)0, 0, ! 0, NFS_WSIZE, NFS_RSIZE, NFS_READDIRSIZE, >Release-Note: >Audit-Trail: State-Changed-From-To: open->closed State-Changed-By: joerg State-Changed-When: Sun Oct 19 18:40:13 MEST 1997 State-Changed-Why: I think you actually _can_ disable the use of reserved ports, by specifying -o noresvport. However, since the old (longname) options are deprecated, i just introduced a new -N option in rev 1.24 of mount_nfs.c. >Unformatted: