Date: Sat, 22 Feb 2003 10:07:30 +0100 From: Pawel Jakub Dawidek <nick@garage.freebsd.pl> To: cjclark@alum.mit.edu Cc: "M. Warner Losh" <imp@bsdimp.com>, ru@FreeBSD.org, src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet in_pcb.c Message-ID: <20030222090730.GD8455@garage.freebsd.pl> In-Reply-To: <20030221191528.GC90209@blossom.cjclark.org> References: <200302210528.h1L5SS0H092948@repoman.freebsd.org> <20030221131205.GE30966@sunbay.com> <20030221.062059.34122968.imp@bsdimp.com> <20030221191528.GC90209@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--3siQDZowHQqNOShm Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Feb 21, 2003 at 11:15:28AM -0800, Crist J. Clark wrote: [...] It's all true. I think everyone should agree with that, BUT... We're givinng people risky tool. IMHO if it elevate security level on our system, it is only a little elevation. As many writers pointed that out already attacker can steal privileged ports. We got two situations: 1. There is a hole in our daemon before it drops privileges. 2. There isn't such hole. In first situation. Attacker gets root access directly. If it isn't run by root and everyone is permited to bind < 1024 ports and attacker gets local access it depends only on time when he win race with some daemon. Risk isn't directly, but very big. And the second. If there isn't such hole we only givinng local users very risky tool. I'll never use it even on machines that users don't have local access. IMHO. It is a solution to solve old and hard problem from years, but it isn't good enough, sorry. Such functionality should be handled by MAC, capabilities or cerb-ng. This isn't right way. Next thing will be create sysctls that control use of syscalls like chroot(2) or even jail(2) by unprivileges users? Or maybe openning RAW socket to? --=20 Pawel Jakub Dawidek UNIX Systems Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am. --3siQDZowHQqNOShm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBPlc90j/PhmMH/Mf1AQEwzgP9HOyDWuiahOtrVkQSWGI8ou6hfm8vB17y 4I1QWLYW5LlONG+rsuik+CPuIYihwOncAeeZCFn82xhnAW/otHTngBur6vut6OYC dFsgEOFLkKCKNDZJ/pHk3s1j3dH/gGa4QJnEUwLxzLiftH2rCoVJgTQICa78eJxD nYadxlu2xPQ= =7pZq -----END PGP SIGNATURE----- --3siQDZowHQqNOShm-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-src" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030222090730.GD8455>