1 files changed, 24 insertions, 14 deletions

diff --git a/libexec/rexecd/rexecd.c b/libexec/rexecd/rexecd.c
index 61f020a..2905129 100644
--- a/libexec/rexecd/rexecd.c
+++ b/libexec/rexecd/rexecd.c
@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id$
+ *	$Id: rexecd.c,v 1.8 1996/09/22 21:54:45 wosch Exp $
  */
 
 #ifndef lint
@@ -153,18 +153,6 @@ doit(f, fromp)
 		port = port * 10 + c - '0';
 	}
 	(void) alarm(0);
-	if (port != 0) {
-		s = socket(AF_INET, SOCK_STREAM, 0);
-		if (s < 0)
-			exit(1);
-		if (bind(s, (struct sockaddr *)&asin, sizeof (asin)) < 0)
-			exit(1);
-		(void) alarm(60);
-		fromp->sin_port = htons(port);
-		if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0)
-			exit(1);
-		(void) alarm(0);
-	}
 	getstr(user, sizeof(user), "username");
 	getstr(pass, sizeof(pass), "password");
 	getstr(cmdbuf, sizeof(cmdbuf), "command");
@@ -217,8 +205,30 @@ doit(f, fromp)
 		error("No remote directory.\n");
 		exit(1);
 	}
+
+	if (port != 0) {
+		if (port < IPPORT_RESERVED) {
+			syslog(LOG_ERR, "%s CONNECTION REFUSED to %s:%d "
+					"client requested privileged port",
+					user, remote, port);
+			error("Privileged port requested for stderr info.\n");
+			exit(1);
+		}
+		s = socket(AF_INET, SOCK_STREAM, 0);
+		if (s < 0)
+			exit(1);
+		if (bind(s, (struct sockaddr *)&asin, sizeof (asin)) < 0)
+			exit(1);
+		(void) alarm(60);
+		fromp->sin_port = htons(port);
+		if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0)
+			exit(1);
+		(void) alarm(0);
+	}
+
 	(void) write(2, "\0", 1);
-	if (port) {
+
+	if (port != 0) {
 		(void) pipe(pv);
 		pid = fork();
 		if (pid == -1)  {