Date: Tue, 25 Mar 1997 23:33:21 -0800 From: David Greenman <dg@root.com> To: tqbf@enteract.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: Privileged ports... Message-ID: <199703260733.XAA10931@root.com> In-Reply-To: Your message of "Wed, 26 Mar 1997 00:07:51 CST." <19970326060751.3783.qmail@smtp.enteract.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>As part of a gradual effort to rid my kernel of suser() calls, I whipped >up a quick patch to in_pcb.c that configurably removes the superuser >restriction on binding privileged ports. > >This has the effect of removing the requirement for programs like rlogin >and rsh to run with superuser privs, thus eliminating a few more SUID >programs. In place of suser(), I've inserted two new sysctl OIDs under ...and creating a gaping security whole at the same time. I sure hope you're not doing this on any shell account machines and you completely trust any users that you have. -DG David Greenman Core-team/Principal Architect, The FreeBSD Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703260733.XAA10931>