Date: Wed, 26 Mar 1997 06:41:11 -0800 From: David Greenman <dg@root.com> To: Adrian Chadd <adrian@obiwan.aceonline.com.au> Cc: tqbf@enteract.com, freebsd-security@FreeBSD.ORG Subject: Re: Privileged ports... Message-ID: <199703261441.GAA12899@root.com> In-Reply-To: Your message of "Wed, 26 Mar 1997 22:19:55 %2B0800." <Pine.BSF.3.95q.970326220852.29096A-100000@obiwan.aceonline.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
>The only problem here is that it kinda defeats the whole purpose of prived >ports in the first place. I guess the whole thing here is to write small >programs that do the necessary SUID bit, then drop back down into >nonrootland to continue. > >David (and anyone else interested) - I'd be very interested in hearing >what security holes would be introduced by having a UID (or GID) to bind >to priv'ed ports. None that I can think of if I understand you correctly. The thing you want to prevent is regular users being able to bind to a privileged port. It would take an average cracker less than 5 minutes to whip up a couple of really nasty programs (such as one that pretends to be rlogin - claiming to be some other user). As long as you retain control over who/what can bind to the privileged ports, I don't see any problem. >Surely there must be a nicer way :) It would be nice if FreeBSD had account privileges ala VMS. You could then have fine grain control over what 'privileged' programs can do, thus limiting the vulnerabilites. I've been thinking about this on occasion for many years and have discussed the idea with several other people. There are a lot of details...it's not as easy as it might seem. -DG David Greenman Core-team/Principal Architect, The FreeBSD Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703261441.GAA12899>