From owner-freebsd-security  Thu Jul  2 10:07:36 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA28161
          for freebsd-security-outgoing; Thu, 2 Jul 1998 10:07:36 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from critter.freebsd.dk (critter.freebsd.dk [195.8.133.1] (may be forged))
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA28126
          for <security@FreeBSD.ORG>; Thu, 2 Jul 1998 10:07:26 -0700 (PDT)
          (envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.8.7/8.8.5) with ESMTP id TAA02757;
	Thu, 2 Jul 1998 19:04:48 +0200 (CEST)
To: rotel@indigo.ie
cc: "Allen Smith" <easmith@beatrice.rutgers.edu>, dg@root.com,
        security@FreeBSD.ORG, njs3@doc.ic.ac.uk, dima@best.net,
        abc@ralph.ml.org, tqbf@secnet.com
Subject: Re: bsd securelevel patch question 
In-reply-to: Your message of "Thu, 02 Jul 1998 16:56:14 -0000."
             <199807021556.QAA00294@indigo.ie> 
Date: Thu, 02 Jul 1998 19:04:48 +0200
Message-ID: <2755.899399088@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <199807021556.QAA00294@indigo.ie>, Niall Smart writes:
>On Jul 2,  5:35pm, Poul-Henning Kamp wrote:
>} Subject: Re: bsd securelevel patch question
>>
>> >I still agree with you for other reasons though, if an attacker
>> >creates a new service people might use it even though it isn't a
>> >legitimate service setup my the sysadmin.
>> 
>> Right, but if the attacker has hacked your system enough to bind
>> to a socket < 1024, he >OWNS< it.  Any further attempt at adding
>> security is bogus, and can at best OPEN the window more because
>> you will be adding more complexity, rather than subtract from it.
>
>Thats not true, if he hacks the user/group that the web server runs
>at then he only owns the web server, the only additional priviledge
>he gains is the ability to bind to port 80.

which is worse that the standard:  he cannot bind to any port < 1024.

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
"ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message