From owner-freebsd-questions  Fri Nov 22 16:18:54 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id QAA29188
          for questions-outgoing; Fri, 22 Nov 1996 16:18:54 -0800 (PST)
Received: from main.gbdata.com ([207.90.222.20])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA29179
          for <questions@freebsd.org>; Fri, 22 Nov 1996 16:18:43 -0800 (PST)
Received: (from gclarkii@localhost) by main.gbdata.com (8.7.5/8.6.9) id SAA06854; Fri, 22 Nov 1996 18:16:55 -0600 (CST)
From: Gary Clark II <gclarkii@main.gbdata.com>
Message-Id: <199611230016.SAA06854@main.gbdata.com>
Subject: Re: Keeping users from bind'ing to ports
To: langfod@dihelix.com (David Langford)
Date: Fri, 22 Nov 1996 18:16:53 -0600 (CST)
Cc: questions@freebsd.org
In-Reply-To: <199611221930.JAA01080@localhost.my.domain> from David Langford at "Nov 22, 96 09:30:24 am"
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

David Langford wrote:
> 
> Is there a way of keeping some users from being able to run programs
> that bind to ports over 1024? (i.e. to keep users from running servers)
I don't know any of doing ths except maybe
with IP firewall.  Anyone else?

> 
> Ideally this would involve a user file like crontab uses to allow
> known users to use the ports.
> 
> 
> Thanks,
> -David Langford
>  langfod@dihelix.com
> 
> 

Gary
-- 
Gary Clark II   (N5VMF) |    I speak only for myself and "maybe" my company 
gclarkii@GBData.COM     |          Member of the FreeBSD Doc Team 
  Providing Internet and ISP startups mail info@GBData.COM for information
   FreeBSD FAQ at ftp://ftp.FreeBSD.ORG/pub/FreeBSD/docs/freebsd-faq.ascii