aboutsummaryrefslogtreecommitdiff
path: root/network/ipxnet/rc.ipxnet.conf
diff options
context:
space:
mode:
authorB. Watson <yalhcru@gmail.com>2018-08-03 05:57:19 +0700
committerWilly Sudiarto Raharjo <willysr@slackbuilds.org>2018-08-04 08:17:11 +0700
commitc307650f720584677c21b0d311ff566df8b83dfc (patch)
tree378182019151f2409c0ac346b3cd520e1cb322f5 /network/ipxnet/rc.ipxnet.conf
parentf516576ada936b719baa671f569f1a4b2ffabea9 (diff)
network/ipxnet: Added (tunnel IPX over TCP/IP).
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Diffstat (limited to 'network/ipxnet/rc.ipxnet.conf')
-rw-r--r--network/ipxnet/rc.ipxnet.conf15
1 files changed, 15 insertions, 0 deletions
diff --git a/network/ipxnet/rc.ipxnet.conf b/network/ipxnet/rc.ipxnet.conf
new file mode 100644
index 000000000000..bc9bfa34a0e1
--- /dev/null
+++ b/network/ipxnet/rc.ipxnet.conf
@@ -0,0 +1,15 @@
+# Config file for SBo ipxnet startup script, by B. Watson <yalhcru@gmail.com>.
+
+# ipxnet-system binary runs setuid nobody by default, but has the
+# cap_net_bind_service capability set. This gives the ipxnet-system
+# process the capability to open low-numbered ports (any port < 1024),
+# which could be a security concern: if ipxnet can be exploited, the
+# exploit code could listen on e.g. the ssh or http port. The alternative
+# (running ipxnet with root privileges) is much worse though: the exploit
+# code could do *anything* in that case.
+
+# The official assigned port number:
+IPXPORT=213
+
+# The port number from the DOSBox examples:
+# IPXPORT=19900