From owner-freebsd-security  Mon Jul  7 11:38:01 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id LAA29849
          for security-outgoing; Mon, 7 Jul 1997 11:38:01 -0700 (PDT)
Received: from kithrup.com (kithrup.com [205.179.156.40])
          by hub.freebsd.org (8.8.5/8.8.5) with SMTP id LAA29844
          for <security@freebsd.org>; Mon, 7 Jul 1997 11:37:59 -0700 (PDT)
Received: (from sef@localhost) by kithrup.com (8.6.8/8.6.6) id LAA23476; Mon, 7 Jul 1997 11:37:57 -0700
Date: Mon, 7 Jul 1997 11:37:57 -0700
From: Sean Eric Fagan <sef@Kithrup.COM>
Message-Id: <199707071837.LAA23476@kithrup.com>
To: security@freebsd.org
Subject: Re: Security Model/Target for FreeBSD or 4.4?
In-Reply-To: <Pine.BSI.3.95.970707135535.16314A-100000.kithrup.freebsd.security@shell.firehouse.net>
References: <Pine.SUN.3.93l.970707130204.13617D-100000@apriori.cc.cmu.edu>
Organization: Kithrup Enterprises, Ltd.
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In article <Pine.BSI.3.95.970707135535.16314A-100000.kithrup.freebsd.security@shell.firehouse.net> you write:
>I kinda doubt openbsd has such a facility, but i dont know. I'll have to
>look into that when I get home :). I implemented such a feature for port
>20 binds via a sysctl
>
>net.inet.ip.ftpbinduid: 0
>
>theo thought the idea for it was ... less than good, and said he did not
>like the whole idea of nonroot users being able to bind privledged ports.

This was discussed here a few months ago (a year ago?).  It would have been
something along the lines of:

	net.inet.ip.<portnumber> <uid>

and then using it like

	sysctl -w net.inet.ip.25=`id smtp`

or somesuch.