[42] in Hesiod
security issue
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Mon Jan 14 11:07:18 1991
From: schemers@vela.acs.oakland.edu (Roland Schemers III)
To: hesiod@ATHENA.MIT.EDU
Date: Mon, 14 Jan 91 11:03:07 EST
Cc: bind@ucbarpa.berkeley.edu
Hello! I ftp'd hesiod.tar.Z off of athena-dist.mit.edu, and was wondering
if there is a simple hack I can make to the source so the named does
not respond to hesiod requests outside of my domain.
I am running Ultrix 4.0, and this can be done using the hesiod/kerberos that
came with 4.0, but the 4.0 named is broke. The hesiod named (from MIT) is
working fine with Ultrix (passwd lookups, group lookups, etc), but I want to
make it secure.
It looks like all I would have to do is modify nes_req.c, and put in a
check to make sure hesiod requests originate from my domain (141.210.xxx.xxx).
Does any guru out there know the best place to put this check?
thanks, Roland
--
Roland J. Schemers III Systems/Network Manager
schemers@vela.acs.oakland.edu (Ultrix) Oakland University
schemers@argo.acs.oakland.edu (VMS) Rochester, MI 48309-4401
~Disclaimer::Disclaimer() { reboot(RB_HALT); } (313)-370-4323
