Date: Thu, 02 Jul 1998 01:55:23 -0700 From: David Greenman <dg@root.com> To: "Allen Smith" <easmith@beatrice.rutgers.edu> Cc: security@FreeBSD.ORG, njs3@doc.ic.ac.uk, dima@best.net, abc@ralph.ml.org, tqbf@secnet.com Subject: Re: bsd securelevel patch question Message-ID: <199807020855.BAA23399@implode.root.com> In-Reply-To: Your message of "Thu, 02 Jul 1998 03:06:49 EDT." <9807020306.ZM22221@beatrice.rutgers.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
>On Jul 1, 12:44am, David Greenman (possibly) wrote: > >> I'll resist any scheme that ties specific privileges to specific gids. To >> me it seems too kludgy and I also suspect that most FreeBSD admins will be >> quite unhappy about us hijacking a large block of gids for our special >> purposes. > >Umm... OK, you're the boss. The block of gids I'd had in mind was >above 65535, so I have my doubts how many people would be using >those. Any ideas on alternate routes for port permission broadening? I >haven't been able to look at Darren's version so far. Well, someone will have to convince me that delegating access on a port by port basis is necessary in the first place. I'd personally be happy with a simple privilege that allows binding to ports <1024. -DG David Greenman Co-founder/Principal Architect, The FreeBSD Project To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807020855.BAA23399>