Date: Thu, 02 Jul 1998 17:35:48 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: rotel@indigo.ie Cc: "Allen Smith" <easmith@beatrice.rutgers.edu>, dg@root.com, security@FreeBSD.ORG, njs3@doc.ic.ac.uk, dima@best.net, abc@ralph.ml.org, tqbf@secnet.com Subject: Re: bsd securelevel patch question Message-ID: <2600.899393748@critter.freebsd.dk> In-Reply-To: Your message of "Thu, 02 Jul 1998 14:31:18 -0000." <199807021331.OAA00656@indigo.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
>Eh? If ssh/smtp/inetd bind to the port you won't be able to, no >matter how often you try. And you won't be able to steal keys >by hijacking sshd. correct. >I still agree with you for other reasons though, if an attacker >creates a new service people might use it even though it isn't a >legitimate service setup my the sysadmin. Right, but if the attacker has hacked your system enough to bind to a socket < 1024, he >OWNS< it. Any further attempt at adding security is bogus, and can at best OPEN the window more because you will be adding more complexity, rather than subtract from it. The one fix that gives you most mileage is to add kernel code such that above some particular securelevel, you cannot open sockets < 1024 anymore. The downside is you have to reboot to restart deamons and the R* family stops working... -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." "ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2600.899393748>