Re: solution time for www/smtp hole

Marc VanHeyningen (mvanheyn@cs.indiana.edu)
Thu, 12 Aug 1993 23:17:45 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Keith Moore: "Re: comments? MIME types for HTTP"
Previous message: Keith Moore: "Re: WWW Security Hole -- Bull!"
In reply to: Rob Raisch: "Re: solution time for www/smtp hole"
Next in thread: Marc Andreessen: "Re: solution time for www/smtp hole"

Thus wrote: Rob Raisch
>BRRRRAAAAPPPP.... Sorry. Not acceptable. Many, many gophers run on other
>ports than 70. Most of the stuff I admin runs on other ports for the
>simple reason that to limit access to a section of your gopher hierarchy
>you need to run another server.

Sigh. It seems such a pity that port allocation is dictated by silly
software limitations, and not just regarding this. One well-designed
server should be able to do everything on just one port.
Unfortunately, since addresses tend to stick around, we're probably
stuck with multiple ports for quite a while until things get fixed
properly.

I think allowing ports of 70+n for small values of n and >1024 (and
maybe a couple other idioms) handles virtually all these (ugly) cases
though. As long as the effect of suspicious ports is only a minor
inconvenience (present the URL, ask for confirmation) there isn't any
real functionality lost.

- Marc V

--
Marc VanHeyningen  mvanheyn@cs.indiana.edu  MIME, RIPEM & HTTP spoken here

Next message: Keith Moore: "Re: comments? MIME types for HTTP"
Previous message: Keith Moore: "Re: WWW Security Hole -- Bull!"
In reply to: Rob Raisch: "Re: solution time for www/smtp hole"
Next in thread: Marc Andreessen: "Re: solution time for www/smtp hole"