Date: Thu, 2 Jul 1998 18:24:00 +0200 From: Philippe Regnauld <regnauld@deepo.prosa.dk> To: dg@root.com Cc: security@FreeBSD.ORG Subject: Re: bsd securelevel patch question Message-ID: <19980702182400.33083@deepo.prosa.dk> In-Reply-To: <199807021410.HAA24585@implode.root.com>; from David Greenman on Thu, Jul 02, 1998 at 07:10:20AM -0700 References: <199807021331.OAA00656@indigo.ie> <199807021410.HAA24585@implode.root.com>
next in thread | previous in thread | raw e-mail | index | archive | help
David Greenman writes:
> >
> >Whats wrong with a /dev/socket/tcp/XYZ acl type scheme? If the
> >process has permission to read /dev/socket/tcp/83 then they can
> >bind to port 83, you could make it a procfs type filesystem so all
>
> Well, one thing that is wrong with this is that it is slow. I sure wouldn't
> want my busy WWW server doing this for every connection that is made.
Wouldn't the parent apache (or other) bind to 80 and listen there
once and for all at startup time ?
--
-[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-
«Pluto placed his bad dog at the entrance of Hades to keep the dead
IN and the living OUT! The archetypical corporate firewall?»
- S. Kelly Bootle
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980702182400.33083>