From owner-freebsd-hackers Wed Mar 26 09:43:44 1997
From: proff@suburbia.net
Message-ID: <19970326174311.13007.qmail@suburbia.net>
Subject: Re: Privileged ports...
In-Reply-To: <199703261441.GAA12899@root.com> from David Greenman at "Mar 26, 97 06:41:11 am"
To: dg@root.com
Date: Thu, 27 Mar 1997 04:43:11 +1100 (EST)
Cc: hackers@freebsd.org
Sender: owner-hackers@freebsd.org

> >The only problem here is that it kinda defeats the whole purpose of prived
> >ports in the first place. I guess the whole thing here is to write small
> >programs that do the necessary SUID bit, then drop back down into
> >nonrootland to continue.
> >
> >David (and anyone else interested) - I'd be very interested in hearing
> >what security holes would be introduced by having a UID (or GID) to bind
> >to priv'ed ports.
>
>    None that I can think of if I understand you correctly. The thing you
> want to prevent is regular users being able to bind to a privileged port.
> It would take an average cracker less than 5 minutes to whip up a couple
> of really nasty programs (such as one that pretends to be rlogin - claiming
> to be some other user). As long as you retain control over who/what can
> bind to the privileged ports, I don't see any problem.
>
> David Greenman
> Core-team/Principal Architect, The FreeBSD Project

I already wrote code to do this, which merged the whole domain into ipfw,
together with uid/gid rules for all incoming and outgoing traffic at a
packet level. Trod on too many toes I think.

Cheers,
Julian.