Date: Fri, 02 Feb 2001 22:37:19 +0000 From: Peter Coates <peter@newnet.co.uk> To: cjclark@alum.mit.edu Cc: Christoph Sold <so@server.i-clue.de>, ipfw@FreeBSD.ORG Subject: Re: Unprivileged Access to Ports <1024 (was Re: freebsd-ipfw@FreeBSD.org) Message-ID: <3A7B369F.2E9922F8@newnet.co.uk> References: <3A79D919.53061763@i-clue.de> <20010202142940.V91447@rfx-216-196-73-168.users.reflex>
next in thread | previous in thread | raw e-mail | index | archive | help
"Crist J. Clark" wrote: > > On Thu, Feb 01, 2001 at 10:46:01PM +0100, Christoph Sold wrote: > > Hi folks, > > > > for the first time, I need to do some redirect: > > > > On a box with a single interface I want to run an untrusted application > > on port 23. I know, I can run it suid root, but i did not want to for > > obvious reasons. > > > > Q: How to redirect from interface ed0, port 80, to the very same > > machine, untrusted port, e.g. 1234? > > I coulda sworn there was a sysctl knob to turn off the rather outdated > behavor that restricts opening ports <1024 to root. However, I cannot > seem to find such a thing. Am I imagining things? > -- > Crist J. Clark cjclark@alum.mit.edu There is: net.inet.ip.portrange.lowfirst: 1023 net.inet.ip.portrange.first: 1024 They sounds along the right lines. I'm not sure what they do mind ;-) Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A7B369F.2E9922F8>