Date: Fri, 21 Feb 2003 06:20:59 -0700 (MST) From: "M. Warner Losh" <imp@bsdimp.com> To: ru@FreeBSD.org Cc: cjc@FreeBSD.org, src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet in_pcb.c Message-ID: <20030221.062059.34122968.imp@bsdimp.com> In-Reply-To: <20030221131205.GE30966@sunbay.com> References: <200302210528.h1L5SS0H092948@repoman.freebsd.org> <20030221131205.GE30966@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
One implication of this is that if you have a server running on a used-to-be priviledged port and now run it on a no-privs port your machine has more potential for compromise. If an attacker can make that server die, and has an accaount on your machine, that attacker can replace the daemon with his own by winning the restart race. With priviledged ports, root was the only one that mattered. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-src" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030221.062059.34122968.imp>