Date: Sat, 23 Nov 1996 23:32:01 -0700 From: Warner Losh <imp@village.org> To: Mikael Karpberg <karpen@ocean.campus.luth.se> Cc: freebsd-hackers@freebsd.org Subject: Re: non-root users binding to ports < 1024 Message-ID: <E0vRY6j-0004Ps-00@rover.village.org> In-Reply-To: Your message of "Sun, 24 Nov 1996 04:07:57 %2B0100." <199611240307.EAA06738@ocean.campus.luth.se> References: <199611240307.EAA06738@ocean.campus.luth.se>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199611240307.EAA06738@ocean.campus.luth.se> Mikael Karpberg writes: : I might be wrong, but doesn't rlogin for example bind to a port < 1024 : on OUTGOING connections, to make itself trustworthy? It's setuid root, : and could be just setuid bindlow or some other normal user, that would just : have one extra permission: To bind to all ports < 1024, special sensitive : ports excluded. I'm user more programs then rlogin could use that user also. True. My solution would be poorly suited for doing that. It would eliminate the need for other programs to bind to the ports to listen for inbound connections. Reducing the number is still a win :-). : As I see it, any unneccesary priviliges to setuid programs is just asking : for trouble. Agreed. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vRY6j-0004Ps-00>