From owner-freebsd-bugs@FreeBSD.ORG  Mon Jun 12 21:20:15 2006
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 85D6016A41B
	for <freebsd-bugs@hub.freebsd.org>;
	Mon, 12 Jun 2006 21:20:15 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4EEBE43D48
	for <freebsd-bugs@hub.freebsd.org>;
	Mon, 12 Jun 2006 21:20:15 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k5CLKEO0049205
	for <freebsd-bugs@freefall.freebsd.org>; Mon, 12 Jun 2006 21:20:14 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k5CLKEkA049204;
	Mon, 12 Jun 2006 21:20:14 GMT (envelope-from gnats)
Date: Mon, 12 Jun 2006 21:20:14 GMT
Message-Id: <200606122120.k5CLKEkA049204@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Maxim Konovalov <maxim@macomnet.ru>
Cc: 
Subject: Re: bin/96993: [nis] /var/yp/securenets does not function in ypbind
 on 6.0 and 5.3
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Maxim Konovalov <maxim@macomnet.ru>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Jun 2006 21:20:15 -0000

The following reply was made to PR bin/96993; it has been noted by GNATS.

From: Maxim Konovalov <maxim@macomnet.ru>
To: Hokan <hokan@me.umn.edu>
Cc: bug-followup@freebsd.org
Subject: Re: bin/96993: [nis] /var/yp/securenets does not function in ypbind
 on 6.0 and 5.3
Date: Tue, 13 Jun 2006 01:19:48 +0400 (MSD)

 On Mon, 12 Jun 2006, 16:12-0500, Hokan wrote:
 
 > On Mon, Jun 12, 2006 at 11:42:57PM +0400, Maxim Konovalov wrote:
 > > On Mon, 12 Jun 2006, 18:50-0000, Hokan wrote:
 > >
 > > >  This has been addressed in FreeBSD Security Advisory
 > > >  FreeBSD-SA-06:15.ypserv but further testing here has shown that the
 > > >  fix was not completely correct (although the security problem was
 > > >  stopped).
 > > >
 > > >  We have been having performance concerns with ypserv and
 > > >  decided to try compiling without tcpwrappers support.  This
 > > >  should be accomplished by modifying the Makefile to remove
 > > >  -DTCP_WRAPPER from CFLAGS:
 > > >
 > > >  -CFLAGS+= -DDB_CACHE -DTCP_WRAPPER -I.
 > > >  +CFLAGS+= -DDB_CACHE -I.
 > > >
 > > >  However, this no longer will compile after the security patch
 > > >  is applied.
 > > >
 > > >  The original version will compile and will use securenets.
 > > >  (The original version will not use securenets if tcpwrappers is
 > > >  enabled.)
 > >
 > > It does compile on my HEAD and RELENG_6 systems.
 >
 > The patch I had was apparently a beta version.  The official version
 > does seem to work.
 
 Could you please clarify - can we close this PR or there are still
 unresolved issues?
 
 -- 
 Maxim Konovalov