This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Don't bind to registered ports in bindresvport

On Thu, May 31, 2012 at 11:32 AM, Dan Nicholson <> wrote:
> When bindresvport binds to a random port, there's a good chance it will
> pick one already registered in services. That's bad since the point of
> services is to define well known ports so random programs know which
> ones to avoid. The current behavior causes lots of downstream bugs and
> requires hacky solutions like running programs early in boot to bind to
> desired ports and handing them off when the actual services start.
> Let's just fix the problem at the source. On my fedora system, 295 of
> the 541 ports between 512 and 1023 are unregistered. There's plenty of
> space to pick a smarter port. If there are systems that require more
> random ports than that, bindresvport is probably not the right API to
> use.
> 2012-05-31 ?Dan Nicholson ?<>
> ? ? ? ?* sunrpc/bindrsvprt.c (bindresvport): Before binding the port,
> ? ? ? ?make sure it's not registered in services.

This is an application management issue that needs to be handled by
the distributions.

If a service depends on a port between 600-1023 then it must be
started before *any* services that randomly use ports in that range
e.g. via bindrsvprt.

Your patch attempts to encode a loose dependency via a modification to
the behaviour of the implementation and that is unacceptable.

The dependency must be expressed at a higher level e.g. while managing
the services.

A more acceptable patch might:

* Attempt to find a port for which a service is *not* reserved.
* If no such port is found then fallback to the old behaviour.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]