Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 02 Jul 1998 01:55:23 -0700
From:      David Greenman <dg@root.com>
To:        "Allen Smith" <easmith@beatrice.rutgers.edu>
Cc:        security@FreeBSD.ORG, njs3@doc.ic.ac.uk, dima@best.net, abc@ralph.ml.org, tqbf@secnet.com
Subject:   Re: bsd securelevel patch question 
Message-ID:  <199807020855.BAA23399@implode.root.com>
In-Reply-To: Your message of "Thu, 02 Jul 1998 03:06:49 EDT." <9807020306.ZM22221@beatrice.rutgers.edu> 

next in thread | previous in thread | raw e-mail | index | archive | help
>On Jul 1, 12:44am, David Greenman (possibly) wrote:
>
>>    I'll resist any scheme that ties specific privileges to specific gids. To
>> me it seems too kludgy and I also suspect that most FreeBSD admins will be
>> quite unhappy about us hijacking a large block of gids for our special
>> purposes.
>
>Umm... OK, you're the boss. The block of gids I'd had in mind was
>above 65535, so I have my doubts how many people would be using
>those. Any ideas on alternate routes for port permission broadening? I
>haven't been able to look at Darren's version so far.

   Well, someone will have to convince me that delegating access on a port
by port basis is necessary in the first place. I'd personally be happy with
a simple privilege that allows binding to ports <1024.

-DG

David Greenman
Co-founder/Principal Architect, The FreeBSD Project

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807020855.BAA23399>