Date: Sat, 2 Sep 2000 18:00:27 +0200 From: Maxime Henrion <mux@qualys.com> To: freebsd-arch@freebsd.org Subject: thought about allocation of the first 1024th ports Message-ID: <20000902180027.A13029@cybercable.fr>
next in thread | raw e-mail | index | archive | help
Hi, On most Unix systems and on FreeBSD, the first 1024th ports can't be allocated by a non-root process. As far as I know, this is justfied because services running on these ports generally require root privileges to accomplish their tasks because they are intended to be used by all the users on the system and need to access to their datas. However, some services don't need these privileges, like identd servers, or even web servers. This implies security problems if these servers are vulnerable to a bug or a buffer overflow. Advanced servers use setuid() and setgid() system calls to drop their privileges after having bound the socket. This improves security as if the server is vulnerable, it can not be used to gain root privileges but only a user's privileges. What I wonder now is if an application-independant mechanism to permit some ports below 1024 to be bound to sockets not owned by root processes would be useful. You assign in a configuration file which UID's are allowed to allocate which port. Of course, root processes will also be allowed to allocate these ports and user with other UID's still can't ; this ensures backward compatibility. With such a mechanism, you can run a server as a user and not as root even if the application doesn't support the setuid/setgid system. The requirement for this to work is that the application doesn't permits itself to do some other root-only operations than binding the socket to a privileged port ; it should be this way in most applications. I invite you to send me your thoughts/advices/rotten tomatoes by e-mail ;-) I hope I didn't miss something obvious and that something allowing to do what I describe don't already exists. Regards, Maxime Henrion To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000902180027.A13029>