rpc.statd: eliminate --secure_statd
authorChuck Lever <chuck.lever@oracle.com>
Fri, 26 Sep 2008 16:42:45 +0000 (12:42 -0400)
committerSteve Dickson <steved@redhat.com>
Fri, 26 Sep 2008 16:42:45 +0000 (12:42 -0400)
commit18c6c616e07ec4fcd27108d87b6f02280d9687d6
treebecebe3ddb8a3426837139f4a87b9397929f092b
parent4ac04d76dc0fffe48313d6a16b4ca9b44c135818
rpc.statd: eliminate --secure_statd

Clean up: Remove RESTRICTED_STATD to help make IPv6 changes simpler.
We keep the code behind RESTRICTED_STATD, and toss anything that is
compiled out when it is set.

RESTRICTED_STATD was added almost 10 years ago in response to CERT
CERT CA-99.05, which addresses exposures in rpc.statd that might allow
an attacker to take advantage of buffer overflows in rpc.statd while it
is running in privileged mode.

These days, I can't think of a reason why anyone would want to run
rpc.statd without setting RESTRICTED_STATD.  In addition, I don't
think rpc.statd is ever tested without it.

Removing RESTRICTED_STATD will get rid of some address storage and
comparison issues that will make IPv6 support simpler.  Plus it will
make our test matrix smaller!

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Acked-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
configure.ac
utils/statd/monitor.c
utils/statd/simu.c