Date: Sat, 27 May 2006 15:51:08 +0200 From: Ian G <iang@iang.org> To: FreeBSD Security List <freebsd-security@freebsd.org> Subject: On what versions of FreeBSD can we unreserve ports? Message-ID: <4478594C.6080309@iang.org>
next in thread | raw e-mail | index | archive | help
On which versions of FreeBSD is it now possible to un-reserve ports? ( I've been waiting for this since forever ... have spent countless days - $$$ - trying to install workarounds, only to junk them later. I've even been paid a consulting gig to develop this, and declined to deploy it on my own servers :-/ ) iang http://askslim.blogspot.com/2006/05/freebsd-61-disabling-reserverd-ports.html Friday, May 26, 2006 FreeBSD 6.1: Disabling Reserverd Ports A common misfeature found on UN*X operating systems is the restriction that only root can bind to ports < 1024. Many a dollar has been wasted on workarounds and -often- the resulting security holes. Fortunately on FreeBSD 6.1 (and probably older versions as well) you can disable this remnant of trust-by-convention. host$ sysctl net.inet.ip.portrange.reservedhigh=0 That simple. Add it to your /etc/sysctl.conf today! posted by Slim @ 4:18 PM
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4478594C.6080309>