Date: Wed, 21 Jun 2000 11:19:48 +0400 (MSD) From: "Ilmar S. Habibulin" <ilmar@ints.ru> To: James Howard <howardjp@wam.umd.edu> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Network ACLs Message-ID: <Pine.BSF.4.21.0006211112560.32349-100000@ws-ilmar.ints.ru> In-Reply-To: <200006210104.VAA07282@rac6.wam.umd.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 20 Jun 2000, James Howard wrote: > I want to be able to create a group called "inet" and anyone who is a > member of that group may open connections. However, they may not > listen. Root can do anything he/she wants. Nobody else can do anything. Well, then you need a posix capabilities plus file ACLs of TrusdedBSD. If you are interested in TrustedBSD features. But they are not fully implemented right now. To solve you problem you can use advices to use ipfw uid/gid filtering option, because TrustedBSD is far from being finished. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0006211112560.32349-100000>