Patch Name: PHNE_1707 Patch Description: ypbind that only accepts ypset from SU on local host This patch contains a version of ypbind that only accepts ypset requests from a superuser port on the local host. This prevents a non-superuser program from sending rogue ypset requests to ypbind. This patch includes the change from patch PHNE_1360, which prevented a superuser on a remote system from issuing a ypset -h command to the local system and binding the system to a rogue ypserver. Path Name: /hp-ux_patches/s700/8.X/PHNE_1707 Effective Date: 921106 Patch Files: ypbind SR#: 1650-172619, 4701-161919 "what" string/timestamp: ypbind: ypbind: $Revision: 1.43.187.1.1.2 $ $Date: 92/11/06 10:24:20 $ PATCH_8.07: $ypbind.c- PHNE_1707 $ "sum" output: 11790 272 ypbind Dependencies: None. Supersedes: PHNE_1360 Patch Package Size: 175 Kbytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. Note: Please back up your system before you patch. --------------------------------------------------------------------------- After getting the patch onto your machine, unshar the patch (sh PHNE_1707). To install this patch do the following: 1) Run /etc/update (Note: you must be logged in as root to update a system). 2) Once in the update "Main Menu" move the highlighted line to "Change Source or Destination ->" and press "Return" or "Select Item". 3) Make sure the highlighted item in the "Change Source or Destination" window is "From Tape Device to Local System ...", then press "Return" or "Select Item". 4) You should now be in the "From Tape Device to Local System" window. Change the "Source: /dev/rmt/0m" to "Source: /tmp/PHNE_1707.updt" (this assumes that you are in the /tmp directory where PHNE_1707.updt has been placed). Note: You must enter the complete path name. 5) Press "Done". 6) From here on follow the standard directions for update. The customized script that update runs will move the original software to /system/PHNE_1707/orig. HP recommends keeping this software there in order to recover from any potential problems. It is also recommended that you move the PHNE_1707.text file to /system/PHNE_1707 to be retained for future reference. If you wish to put this patch on a magnetic tape and update from the tape drive, dd a copy of the patch to the tape drive. As an example the following will create a copy of the patch that update can read: dd if=PHNE_1707.updt of=/dev/rmt/0m bs=2048