[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is this mail list dead?

To: securedistros@nl.linux.org
Subject: Re: Is this mail list dead?
From: Rik van Riel <riel@conectiva.com.br>
Date: Tue, 13 Mar 2001 02:49:03 -0300 (BRST)
cc: andreas@conectiva.com.br
In-Reply-To: <20010312201351.A30218@ultraviolet.org>
Reply-To: securedistros@nl.linux.org
Sender: owner-securedistros@nl.linux.org

On Mon, 12 Mar 2001, Tracy R Reed wrote:
> On Tue, Mar 13, 2001 at 12:03:44AM -0300, Rik van Riel wrote:
> > Is there anything I've forgotten to mention, or are there
> > other things needed to make Linux distro's more secure without
> > impacting functionality or ease-of-use ?
> 
> Is there really any reason to require programs to be run as root to
> bind to ports <1024 anymore?

No. I remember somebody mentioning a wrapper program to be able
to load eg. named with just CAP_NET_BIND_SERVICE set and no root
rights.

This keeps the SUID part down to just this (small) wrapper
program. Can anybody remember the name ??

Andreas, could we have this thing in Conectiva when we dig it
up ? ;)

regards,

Rik
--
Virtual memory is like a game you can't win;
However, without VM there's truly nothing to lose...

		http://www.surriel.com/
http://www.conectiva.com/	http://distro.conectiva.com.br/

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/

Follow-Ups:
- Re: Is this mail list dead?
  - From: Luca Berra <bluca@comedia.it>
- Re: Is this mail list dead?
  - From: Andreas Hasenack <andreas@conectiva.com.br>

References:
- Re: Is this mail list dead?
  - From: Tracy R Reed <treed@ultraviolet.org>

Prev by Date: Re: Is this mail list dead?
Next by Date: Re: Is this mail list dead?
Prev by thread: Re: Is this mail list dead?
Next by thread: Re: Is this mail list dead?
Index(es):
- Date
- Thread