Date: Mon, 7 Jul 1997 11:37:57 -0700 From: Sean Eric Fagan <sef@Kithrup.COM> To: security@freebsd.org Subject: Re: Security Model/Target for FreeBSD or 4.4? Message-ID: <199707071837.LAA23476@kithrup.com> In-Reply-To: <Pine.BSI.3.95.970707135535.16314A-100000.kithrup.freebsd.security@shell.firehouse.net> References: <Pine.SUN.3.93l.970707130204.13617D-100000@apriori.cc.cmu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <Pine.BSI.3.95.970707135535.16314A-100000.kithrup.freebsd.security@shell.firehouse.net> you write: >I kinda doubt openbsd has such a facility, but i dont know. I'll have to >look into that when I get home :). I implemented such a feature for port >20 binds via a sysctl > >net.inet.ip.ftpbinduid: 0 > >theo thought the idea for it was ... less than good, and said he did not >like the whole idea of nonroot users being able to bind privledged ports. This was discussed here a few months ago (a year ago?). It would have been something along the lines of: net.inet.ip.<portnumber> <uid> and then using it like sysctl -w net.inet.ip.25=`id smtp` or somesuch.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707071837.LAA23476>