Date: Mon, 16 Nov 1998 21:22:50 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Marc Slemko <marcs@znep.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Would this make FreeBSD more secure? Message-ID: <199811170522.VAA23411@apollo.backplane.com> References: <Pine.BSF.4.05.9811161316100.12077-100000@alive.znep.com>
next in thread | previous in thread | raw e-mail | index | archive | help
:
:On Mon, 16 Nov 1998, Matthew Dillon wrote:
:
:>
:> We define several capabilities right off the bat:
:>
:> RCAPF_LOWPORT allow binding to low ports
:
:No.
:
:Again, read the archives. All this has been gone over and over.
:
:This makes things LESS secure in general.
:
:If programs have this ability, now they can't give it up. So
:suddenly all those simple programs that used to bind to the port
:and setuid() can't do that any more.
:
:Now if you compromise one program, you can compromise them all.
Nonsense. Firstly, you CAN give it up, in fact the parent can
force the child to give it away on fork or exec, and secondly
I think I did mention that calling setuid() would clear the
capabilities. Didn't I? Maybe I didn't send out that email,
I do a lot of editing.
If you are going to shoot the idea down, at least provide some
hard facts, and AT LEAST read my postings. I think I've covered it
pretty well. You aren't responding to anything I wrote, you are
simply responding from your gut.
-Matt
Matthew Dillon Engineering, HiWay Technologies, Inc. & BEST Internet
Communications & God knows what else.
<dillon@backplane.com> (Please include original email in any response)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811170522.VAA23411>