NAME
servxcheck - Internet service access check
SYNOPSIS
#define _MINIX_SOURCE 1
#include </net/gen/netdb.h>
int servxcheck(ipaddr_t peer, const char *service,
void (*logf)(int pass, const char *name));
char *servxfile(const char *file);
DESCRIPTION
Servxcheck() is used by programs like inetd to perform an
access check on the host connected to the other end of the
TCP channel that has IP address peer.
Servxcheck() translates the IP address to the associated
host name if necessary, and checks if the host is granted
access as guided by the file /etc/serv.access. (See
serv.access(5).) The service name used to search the access
file is passed by the caller as service. These names should
be the same as the service names in /etc/services.
The caller should use the NWIOGTCPCONF ioctl() call to find
out what the IP address of the remote end is. It is wise to
bypass the servxcheck() call if the remote end happens to be
the local machine (remaddr == locaddr), so that local con-
nections aren't impeded by slow checks. Servxcheck() will
itself allow connections from 127.0.0.1/8 immediately, so
you don't have to check for that. Example of use:
if (ioctl(fd, NWIOGTCPCONF, &tcpconf) < 0
|| tcpconf.nwtc_remaddr == tcpconf.nwtc_locaddr
|| servxcheck(tcpconf.nwtc_remaddr, service_name, NULL)
) {
serve();
}
An attempt to connect to a service is logged if the access
is denied. You can use the special checkword "log" to also
log if access is granted. Logging will be done with sys-
log() at the warning level. A syntax error in the access
file may be logged under the err level. The caller must use
openlog() to set the appropriate logging facility. One may
do one's own logging by supplying a logf function that will
be called by servxcheck with a first argument that is true
if access is granted, false if denied, and a second argument
that is the name of the remote host whose access has been
checked.
The default is to fail the check unless the access file says
otherwise. Strange errors make the check succeed. (We do
not want remote access to fail because of some system
error.) Note that this function is not meant to check
access to the system, that's what passwords and such are
for, but only to limit access to those who are allowed to
use the services the system offers.
Connections from a machine to itself are accepted immedi-
ately. No further checks, no logging.
Servxfile() may be used to specify a file other than the
default /etc/serv.access. This is useful for programs
started from inetd that want to handle the access check
themselves, using a private access file. The return value
of servxfile() is the pathname of the old access file. Only
a pointer to the new path is saved, the caller must keep the
string it points to intact.
FILES
/etc/serv.access Default access check file.
SEE ALSO
syslog(3), serv.access(5), services(5), inetd(8).
DIAGNOSTICS
Servxcheck() returns 0 if the access is denied, 1 if
granted.
Typical syslog message:
Jan 10 20:27:20 flotsam inetd[174]: service 'shell'
granted to jetsam.cs.vu.nl
BUGS
IP and DNS based access checks will stop most crackers, but
not the really determined ones. Luckily MINIX 3 is suffi-
ciently strange to thwart the well known cracking schemes.
But don't ever allow yourself to feel secure.
AUTHOR
Kees J. Bot <kjb@cs.vu.nl>