From: Hexren
Date: Mon, 24 Jan 2005 22:43:05 +0100
To: Danny
cc: freebsd-questions@freebsd.org
Subject: Re[2]: sshd port number ?
Message-ID: <1120420172.20050124224305@hexren.net>
References: <20050124210109.GA14171@SDF.LONESTAR.ORG> <12318458361.20050124221023@hexren.net>

D> On Mon, 24 Jan 2005 22:10:23 +0100, Hexren wrote:
>> If ssh ever goes down, a user could start his own compromised
>> version of ssh and do some nasty stuff. The same user could not do
>> that if the connecting side would expect sshd to be on a privileged
>> port because the system ensures that only procs running with superuser
>> privileges can bind to a privileged port.

D> At the OS level (not the SSHD config for example), where can one
D> configure what proc is assigned to what privileged port?

D> I just did some quick searching, but does this documentation exist on
D> the FreeBSD site?

D> Thank you,

D> ...D

---------------------------------------------

/etc/services
http://www.freebsd.org/cgi/man.cgi?query=services&apropos=0&sektion=0&manpath=FreeBSD+5.3-RELEASE+and+Ports&format=html

But that is only a database. The system does not enforce what binds to what port. If the superuser does want to bind to the systems standpoint in that is: Root is right.

Hexren
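
An added example, not part of the original message or of FreeBSD: a Python check that reads an sshd_config and reports listening ports outside the privileged range, which are the ports the quoted concern applies to. The sample config, the function names and the 1023 cutoff (the traditional reserved-port boundary) are assumptions of this example.

```python
import re

RESERVED_HIGH = 1023  # assumption: traditional boundary, ports below 1024 need root

# Constructed sample config, not taken from the thread.
SAMPLE_CONFIG = """\
Port 22
port=2222
ListenAddress 192.0.2.10:8022
ListenAddress [2001:db8::1]:22
ListenAddress 0.0.0.0
#Port 443
"""

# keyword and argument are separated by whitespace or a single '='
_DIRECTIVE = re.compile(r"^\s*(\w+)(?:\s*=\s*|\s+)(\S.*?)\s*$")
# host:port or [v6addr]:port; a bare IPv6 address does not match
_ADDR_PORT = re.compile(r"^(?:\[[^\]]+\]|[^:\[\]]+):(\d+)$")


def listening_ports(config_text):
    """Ports named by Port/ListenAddress, plus the default 22 where it applies."""
    port_opts, explicit, listen_total, listen_bare = set(), set(), 0, 0
    for line in config_text.splitlines():
        m = _DIRECTIVE.match(line.split("#", 1)[0])  # drop comments first
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).split()[0]
        if key == "port" and value.isdigit():
            port_opts.add(int(value))
        elif key == "listenaddress":
            listen_total += 1
            pm = _ADDR_PORT.match(value)
            if pm:
                explicit.add(int(pm.group(1)))
            else:
                listen_bare += 1
    # A ListenAddress without a port, or no ListenAddress at all, uses the
    # Port options, which default to 22 when none is given.
    if not port_opts and (listen_total == 0 or listen_bare):
        port_opts.add(22)
    # Conservative: Port values are reported even if every ListenAddress
    # carries its own port.
    return sorted(port_opts | explicit)


def unprivileged_ports(config_text, reserved_high=RESERVED_HIGH):
    """Listening ports a non-root process could bind if sshd were not running."""
    return [p for p in listening_ports(config_text) if p > reserved_high]
```

An empty result from `unprivileged_ports` means every configured sshd listener sits on a port that only the superuser can bind.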