Date: Sat, 20 Oct 2001 06:44:42 -0600 From: "Tomek" <tomek@mpionline.com> To: <freebsd-security@FreeBSD.ORG> Subject: Making almost everything non-root Message-ID: <0e3a01c15964$fd88fee0$f6f073d1@mpionline.com>
next in thread | raw e-mail | index | archive | help
Hello there, I am attempting to make everything I possibly can non-root. I have a few questions to that regard. 1. Is there a way to make ports <1024 accessable to non-root programs (preferably on a per-user basis)? Some programs are set to root JUST to access a port, which is a lame reason in my opinion to give such access. 2. I am planning on recompiling several "login" style programs to use limited user-ids instead of root, INCLUDING telnet, and just have a centralized tiny program "makemeroot" called sometime between obtaining login info and actually running shells. Is there a way to on-the-fly make a running PID a different user given the proper login information? NOTE: I do not understand why programs have not been designed this way. I know it may be a slight inconvenience for login programs, but until the user enters root login information, I do not see a strong argument for giving the program root privileges in the first place. Thank you, Tomek To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0e3a01c15964$fd88fee0$f6f073d1>