-fromhost() doesn't work because the file descriptor isn't available
at this point, see PR bin/6813
-it needs some initialization for libwrap to grok the IP address and/or
host names in its rule files (see PR bin/6831 by Andreas Wrede
<andreas@planix.com>, the fix is different)
Needless to say that libwrap's interface sucks.
* portmap is now tcp-wrapped (i.e. obeys hosts.{allow,deny})
both for lookups (as `portmap') and for forwarded calls to
specific services.
* the new -l flag, analagous to inetd -l, logs all connections
to portmap.
* the new -s flag causes portmap to suid to the user daemon
after binding it's port, so that outgoing connections do
not come from privileged ports. This prevents users from
using portmap to get a free privileged port.
* portmap now _only_ accepts SETs and UNSETs on the loopback
interface. In the past, anyone in the world could do all
sorts of nasty things to your portmap tables. Note that
our libc already_only_ uses the loopback interface to
register rpc ports.
This work is modeled after/partially taken from Wietse Venema's tcp-
wrapped version of the BSD 4.3 portmap. It has benefitted greatly from my
discussions with Luke, Matt and many others.
'out' arg to svc_sendreply must point to a long if outproc is
xdr_long. It was pointing to an 'int', and that was crashing on the
alpha, due to bad alignment.