Date: Wed, 23 Jun 1999 05:58:36 +1200 From: Andrew McNaughton <andrew@scoop.co.nz> To: Dag-Erling Smorgrav <des@flood.ping.uio.no> Cc: Michael Richards <026809r@dragon.acadiau.ca>, freebsd-security@FreeBSD.ORG Subject: Re: Allowing non root users to bind low ports Message-ID: <199906221758.FAA07268@aniwa.sky> In-Reply-To: Your message of "21 Jun 1999 14:55:04 %2B0200." <xzpemj590if.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
> Michael Richards <026809r@dragon.acadiau.ca> writes: > > I was giving this concept a little thought. If I'm not root and I can bind > > a low port, let's say the telnet port. I could write myself a fake telnet > > daemon and run it. Sooner or later, someone is going to try using it... > > This whole thing about non-root users binding to low ports would only be > > useful if there are no shell accounts on a machine IMO. > > Well, duh. That's why we want to turn this off before going multiuser > (but after starting stuff like sendmail etc.) That approach is of limited use unless you're prepared to reboot your machine every time you want to change your sendmail configuration. Sounds too much like Windows for my liking. Nothing short of reconfiguring the kernel or a make world should require a reboot. Andrew McNaughton -- Andrew McNaughton +64 4 389 6891 andrew@scoop.co.nz http://www.scoop.co.nz/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906221758.FAA07268>