Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 26 Mar 1997 06:41:11 -0800
From:      David Greenman <dg@root.com>
To:        Adrian Chadd <adrian@obiwan.aceonline.com.au>
Cc:        tqbf@enteract.com, freebsd-security@FreeBSD.ORG
Subject:   Re: Privileged ports... 
Message-ID:  <199703261441.GAA12899@root.com>
In-Reply-To: Your message of "Wed, 26 Mar 1997 22:19:55 %2B0800." <Pine.BSF.3.95q.970326220852.29096A-100000@obiwan.aceonline.com.au> 

next in thread | previous in thread | raw e-mail | index | archive | help
>The only problem here is that it kinda defeats the whole purpose of prived
>ports in the first place. I guess the whole thing here is to write small
>programs that do the necessary SUID bit, then drop back down into
>nonrootland to continue.
>
>David (and anyone else interested) - I'd be very interested in hearing
>what security holes would be introduced by having a UID (or GID) to bind
>to priv'ed ports. 

   None that I can think of if I understand you correctly. The thing you
want to prevent is regular users being able to bind to a privileged port.
It would take an average cracker less than 5 minutes to whip up a couple
of really nasty programs (such as one that pretends to be rlogin - claiming
to be some other user). As long as you retain control over who/what can
bind to the privileged ports, I don't see any problem.

>Surely there must be a nicer way :)

   It would be nice if FreeBSD had account privileges ala VMS. You could then
have fine grain control over what 'privileged' programs can do, thus limiting
the vulnerabilites. I've been thinking about this on occasion for many years
and have discussed the idea with several other people. There are a lot of
details...it's not as easy as it might seem.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703261441.GAA12899>