chiark
/
gitweb
/
~ian
/
authbind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
ipv6 etc.
[authbind.git]
/
authbind-helper.8
diff --git
a/authbind-helper.8
b/authbind-helper.8
index 44291ba4e04277b5d3a914b8ad1d59321f701d9e..764cb991daa11f16f579703f83ab25e053d1272b 100644
(file)
--- a/
authbind-helper.8
+++ b/
authbind-helper.8
@@
-24,7
+24,9
@@
.SH NAME
authbind\-helper \- helper program to bind sockets to privileged ports without root
.SH SYNOPSIS
.SH NAME
authbind\-helper \- helper program to bind sockets to privileged ports without root
.SH SYNOPSIS
-.BI /usr/lib/authbind/helper " addr\-hex port\-hex " < socket
+.BI /usr/lib/authbind/helper " addr4\-hex port\-hex " < socket
+.br
+.BI /usr/lib/authbind/helper " addr6\-hex port\-hex 6 " < socket
.SH DESCRIPTION
.B helper
is the program used by
.SH DESCRIPTION
.B helper
is the program used by
@@
-38,27
+40,24
@@
low-numbered ports in a controlled way. See
It may also be used standalone, i.e. without assistance from
.BR authbind .
Its standard input should be a TCP/IP socket, and it should be passed
It may also be used standalone, i.e. without assistance from
.BR authbind .
Its standard input should be a TCP/IP socket, and it should be passed
-two arguments.
+two
or three
arguments.
.PP
The arguments are the address and port number, respectively, to which
.PP
The arguments are the address and port number, respectively, to which
-the caller desires that the socket be bound. They should be hex
-strings,
+the caller desires that the socket be bound, and the address family
+(ommitted for IPv4; the fixed string
+.B 6
+for IPv6).
+The address and port should be hex strings,
.I without
leading
.BR 0x ,
.I without
leading
.BR 0x ,
-of exactly the right length (8
and 4
digits, respectively), being
+of exactly the right length (8
or 32, and 4,
digits, respectively), being
a pairs of hex digits for each byte in the address or port number when
expressed in host byte order. For example, the port argument is the
result of something like
.B sprintf(arg,
.B """%04X"",
.BR sin.sin_port) .
a pairs of hex digits for each byte in the address or port number when
expressed in host byte order. For example, the port argument is the
result of something like
.B sprintf(arg,
.B """%04X"",
.BR sin.sin_port) .
-.PP
-.B helper
-will not bind to ports 512 and onwards, because programs like
-.B rshd
-expect these to be used for outgoing connections, so allowing a user
-to bind to one of these would open up security hole(s).
.SH EXIT STATUS
.B helper
will exit with code 0 on success.
.SH EXIT STATUS
.B helper
will exit with code 0 on success.