[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netbsd-tech-security
Subject:    Re: [Fwd: [Rosiello Security] Negligent architecture for the assignment of the ports]
From:       "Roland C. Dowdeswell" <elric () imrryr ! org>
Date:       2004-04-24 17:38:03
Message-ID: 20040424173803.5A304174B9 () arioch ! imrryr ! org
[Download RAW message or body]

On 1082784116 seconds since the Beginning of the UNIX epoch
Sascha Retzki wrote:
>

>Hi list, 
>
>I think his example is not the best, but the entire idea is great: 1024
>root-ports and the rest is a battle-field should be depreciated. I think
>its easy (except of one thing ;)  ) to implement sth like a "secbind"
>protocol into NetBSD:

You can configure NetBSD to allow non-root processes to bind to
reserved ports by using systrace.  In reality, though, the entire
idea of reserved ports is broken.  People should actually invest
some time in security rather than reserved port hacks, in the long
term.

--
    Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/
[prev in list] [next in list] [prev in thread] [next in thread]