Date: Fri, 21 Feb 2003 14:31:49 +0000 From: Paul Richards <paul@freebsd-services.com> To: "Jacques A. Vidrine" <nectar@FreeBSD.org> Cc: "M. Warner Losh" <imp@bsdimp.com>, ru@FreeBSD.org, cjc@FreeBSD.org, src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet in_pcb.c Message-ID: <20030221143149.GF68768@survey.codeburst.net> In-Reply-To: <20030221135056.GA32007@madman.celabo.org> References: <200302210528.h1L5SS0H092948@repoman.freebsd.org> <20030221131205.GE30966@sunbay.com> <20030221.062059.34122968.imp@bsdimp.com> <20030221135056.GA32007@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Feb 21, 2003 at 07:50:56AM -0600, Jacques A. Vidrine wrote: > On Fri, Feb 21, 2003 at 06:20:59AM -0700, M. Warner Losh wrote: > > One implication of this is that if you have a server running on a > > used-to-be priviledged port and now run it on a no-privs port your > > machine has more potential for compromise. If an attacker can make > > that server die, and has an accaount on your machine, that attacker > > can replace the daemon with his own by winning the restart race. With > > priviledged ports, root was the only one that mattered. > > Yes, this is why this feature _must_ remain `off' by default. > I think some features should be labelled as "experimental". This is a change that may have some benefit but may also be one that we wish hadn't happened and therefore it should be clear that this is a feature that's been implemented "to see how it goes" when deployed more widely. Paul. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030221143149.GF68768>