Date: Thu, 02 Jul 1998 19:04:48 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: rotel@indigo.ie Cc: "Allen Smith" <easmith@beatrice.rutgers.edu>, dg@root.com, security@FreeBSD.ORG, njs3@doc.ic.ac.uk, dima@best.net, abc@ralph.ml.org, tqbf@secnet.com Subject: Re: bsd securelevel patch question Message-ID: <2755.899399088@critter.freebsd.dk> In-Reply-To: Your message of "Thu, 02 Jul 1998 16:56:14 -0000." <199807021556.QAA00294@indigo.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199807021556.QAA00294@indigo.ie>, Niall Smart writes: >On Jul 2, 5:35pm, Poul-Henning Kamp wrote: >} Subject: Re: bsd securelevel patch question >> >> >I still agree with you for other reasons though, if an attacker >> >creates a new service people might use it even though it isn't a >> >legitimate service setup my the sysadmin. >> >> Right, but if the attacker has hacked your system enough to bind >> to a socket < 1024, he >OWNS< it. Any further attempt at adding >> security is bogus, and can at best OPEN the window more because >> you will be adding more complexity, rather than subtract from it. > >Thats not true, if he hacks the user/group that the web server runs >at then he only owns the web server, the only additional priviledge >he gains is the ability to bind to port 80. which is worse that the standard: he cannot bind to any port < 1024. -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." "ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2755.899399088>