Date: Mon, 4 Sep 2000 15:41:54 +0300 From: Valentin Nechayev <netch@segfault.kiev.ua> To: Maxime Henrion <mux@qualys.com>, freebsd-arch@freebsd.org Subject: Re: thought about allocation of the first 1024th ports Message-ID: <20000904154153.D2306@netch.kiev.ua> In-Reply-To: <20000902180027.A13029@cybercable.fr>; from mux@qualys.com on Sat, Sep 02, 2000 at 03:58:48PM %2B0000 References: <20000902180027.A13029@cybercable.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
Sat, Sep 02, 2000 at 15:58:48, mux wrote about "thought about allocation of the first 1024th ports": > On most Unix systems and on FreeBSD, the first 1024th ports can't be allocated by a > non-root process. As far as I know, this is justfied because services running on these [skip] > What I wonder now is if an application-independant mechanism to permit some ports below > 1024 to be bound to sockets not owned by root processes would be useful. You assign in a I had made patches to allow ACL for ports binding, tested for 3.3 and 4.0. See http://www.lucky.net/~netch/unix/FreeBSD/portacl/ But it does not use any Posix.1e-compatible- or -inspired- API, but has ipfw(8)-similar interface. If someone (rwatson?) can say what API style is "ideologically approved", I can rewrite it. Also it does not have English documentation (only Russian) yet. /netch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000904154153.D2306>