From owner-freebsd-security Mon Nov 18 13:59:39 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA15503 for security-outgoing; Mon, 18 Nov 1996 13:59:39 -0800 (PST)
Received: (from jmb@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA15497; Mon, 18 Nov 1996 13:59:36 -0800 (PST)
From: "Jonathan M. Bresler"
Message-Id: <199611182159.NAA15497@freefall.freebsd.org>
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
To: black@gage.com (Ben Black)
Date: Mon, 18 Nov 1996 13:59:35 -0800 (PST)
Cc: fenner@parc.xerox.com, msmith@atrad.adelaide.edu.au, freebsd-security@freebsd.org
In-Reply-To: <9611181749.AA29784@squid.gage.com> from "Ben Black" at Nov 18, 96 11:49:32 am
X-Mailer: ELM [version 2.4 PL24]
Content-Type: text
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Ben Black wrote:
>
> >It is, of course, possible to run as root for *just long enough* to bind to
> >port 25. Then setuid("smtp").
> >
>
> even better would be finer grained control over access to low numbered ports
> so you wouldn't need to be root to bind port 25.

portals. someone needs to finish jan-simon pendry's work ;(
then each port has filesystem protection semantics and this
becomes very easy.

jmb
--
Jonathan M. Bresler FreeBSD Postmaster jmb@FreeBSD.ORG
FreeBSD--4.4BSD Unix for PC clones, source included. http://www.freebsd.org/
PGP 2.6.2 Fingerprint: 31 57 41 56 06 C1 40 13 C5 1C E3 E5 DC 62 0E FB