Date: Fri, 21 Feb 2003 06:20:59 -0700 (MST) From: "M. Warner Losh" <imp@bsdimp.com> To: ru@FreeBSD.org Cc: cjc@FreeBSD.org, src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet in_pcb.c Message-ID: <20030221.062059.34122968.imp@bsdimp.com> In-Reply-To: <20030221131205.GE30966@sunbay.com> References: <200302210528.h1L5SS0H092948@repoman.freebsd.org> <20030221131205.GE30966@sunbay.com>
index | next in thread | previous in thread | raw e-mail
One implication of this is that if you have a server running on a used-to-be priviledged port and now run it on a no-privs port your machine has more potential for compromise. If an attacker can make that server die, and has an accaount on your machine, that attacker can replace the daemon with his own by winning the restart race. With priviledged ports, root was the only one that mattered. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the messagehelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030221.062059.34122968.imp>