Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 25 Mar 1997 23:33:21 -0800
From:      David Greenman <dg@root.com>
To:        tqbf@enteract.com
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: Privileged ports... 
Message-ID:  <199703260733.XAA10931@root.com>
In-Reply-To: Your message of "Wed, 26 Mar 1997 00:07:51 CST." <19970326060751.3783.qmail@smtp.enteract.com> 

next in thread | previous in thread | raw e-mail | index | archive | help
>As part of a gradual effort to rid my kernel of suser() calls, I whipped
>up a quick patch to in_pcb.c that configurably removes the superuser
>restriction on binding privileged ports. 
>
>This has the effect of removing the requirement for programs like rlogin
>and rsh to run with superuser privs, thus eliminating a few more SUID
>programs. In place of suser(), I've inserted two new sysctl OIDs under

   ...and creating a gaping security whole at the same time. I sure hope
you're not doing this on any shell account machines and you completely
trust any users that you have.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703260733.XAA10931>