From owner-freebsd-security Wed Mar 26 22:45:38 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id WAA08687 for security-outgoing; Wed, 26 Mar 1997 22:45:38 -0800 (PST)
Received: from obiwan.aceonline.com.au (obiwan.aceonline.com.au [203.103.90.67]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id WAA08682 for ; Wed, 26 Mar 1997 22:45:34 -0800 (PST)
Received: from localhost (adrian@localhost) by obiwan.aceonline.com.au (8.8.5/8.8.5) with SMTP id OAA01949; Thu, 27 Mar 1997 14:42:16 +0800 (WST)
Date: Thu, 27 Mar 1997 14:42:16 +0800 (WST)
From: Adrian Chadd
To: Adam Shostack
cc: freebsd-security@FreeBSD.ORG
Subject: Re: Privileged ports...
In-Reply-To: <199703261631.LAA15307@homeport.org>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

'Twould be nice, but remember inetd isn't the only place we want this applicable (e.g. sendmail runs as a daemon and binds to the port (25); it doesn't use inetd). Nice idea though. :)

I was just thinking about saying "let uid 100 bind to port 0 (?), uid 101 bind to port 1, etc ..." up to 1024. Although it's just the same as having a sysctl variable letting a certain UID have access to the privileged ports. However, if you hack an account with THAT UID, you can access ALL ports; rather, if you have separate UIDs with access to one port each, you'd have to actually hack ALL of them (or a large number of the useful ports) to do harm.

Good example - someone hacks sendmail (:).. but since it doesn't have root, all they can do is play with the sendmail binary, which isn't ever invoked as root anymore :)

--
Adrian Chadd | UNIX, MS-DOS and Windows ... | (also known as the Good, the bad and the | ugly..)