From owner-freebsd-security Mon Jun 21 2:59: 9 1999 Delivered-To: freebsd-security@freebsd.org Received: from nova.kki.krakow.pl (nova.kki.krakow.pl [195.116.9.2]) by hub.freebsd.org (Postfix) with ESMTP id 6658014C12 for ; Mon, 21 Jun 1999 02:58:45 -0700 (PDT) (envelope-from shadow@kki.pl) Received: from altair (shadow@altair.kki.krakow.pl [195.116.9.172]) by nova.kki.krakow.pl (8.8.7/Ver.2c) with SMTP id LAA31770; Mon, 21 Jun 1999 11:16:39 +0200 Reply-To: From: "=?iso-8859-1?Q?Robert_'Shadow'_Paj=B9k?=" To: "Michael Richards" <026809r@dragon.acadiau.ca> Cc: Subject: RE: Allowing non root users to bind low ports Date: Mon, 21 Jun 1999 11:20:00 +0200 Message-ID: <002d01bebbc7$3cfc3440$ac0974c3@altair.kki.krakow.pl> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Importance: Normal Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I was giving this concept a little thought. If I'm not root and I can bind > a low port, let's say the telnet port. I could write myself a fake telnet > daemon and run it. Sooner or later, someone is going to try using it... > This whole thing about non-root users binding to low ports would only be > useful if there are no shell accounts on a machine IMO. Or do this in the Phrack's way - which means to create group ex. net which is able to bind to those ports ... it is better but still not perfect ... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message