Date: Fri, 18 Jun 1999 12:08:25 +0400
From: Kirill Nosov <slash@leontief.net>
To: Frank Tobin <ftobin@bigfoot.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: securelevel descr
Message-ID: <99061812174202.10975@MirStation.leontief.nw.ru>
References: <Pine.BSF.4.10.9906180300090.55794-100000@srh0710.urh.uiuc.edu>

On Fri, 18 Jun 1999, Frank Tobin wrote:
>Kirill Nosov, at 11:40 on Fri, 18 Jun 1999, wrote:
>
>Well, the privileged ports concept is actually something that is a good
>thing, if you can guarantee that only the trusted application X is bound
>to that port, and not a trojaned version setup by an ordinary user. This
>can be achieved by means of simmutable flags all over the place, and a
>securelevel that doesn't allow any service to open a secure port.
>

But the idea discussed will allow to run daemons on privileged ports under
non-root privileges. So you will create a user sendmail with 25 uid and only
it will be able to bind to 25 port. That will allow to lower the probability
of remote (and local) root compromises. For sure this is a non-trivial
configuration problem concerning to files ownership and groups formation but
it looks like that result will be good. (But perhaps that will create another
problem with 'privileged uids' :)

--
One possible reason that things aren't going according to plan
is that there never was a plan in the first place.

/Slash.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message