From owner-freebsd-security Sun Jun 20 10:47: 0 1999 Delivered-To: freebsd-security@freebsd.org Received: from fantasy.netreach.net (fantasy.netreach.net [205.197.101.219]) by hub.freebsd.org (Postfix) with ESMTP id 1025814D5F for ; Sun, 20 Jun 1999 10:46:45 -0700 (PDT) (envelope-from petef@netreach.net) Received: from borneo (borneo.netreach.net [205.197.101.111]) by fantasy.netreach.net (8.9.3/8.9.0) with SMTP id NAA10311; Sun, 20 Jun 1999 13:43:52 -0400 (EDT) Date: Sun, 20 Jun 1999 13:45:17 -0400 (EDT) From: Pete Fritchman X-Sender: petef@borneo To: Michael Richards <026809r@dragon.acadiau.ca> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Allowing non root users to bind low ports In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org For what purpose would you want the non-root system users to be able to bind to low ports? --------------------------------------------- Pete Fritchman petef@netreach.net Netreach www.netreach.net System Administrator On Sun, 20 Jun 1999, Michael Richards wrote: > Hi... > > I was giving this concept a little thought. If I'm not root and I can bind > a low port, let's say the telnet port. I could write myself a fake telnet > daemon and run it. Sooner or later, someone is going to try using it... > This whole thing about non-root users binding to low ports would only be > useful if there are no shell accounts on a machine IMO. > > -Michael > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message