Re: Is this mail list dead?
"Michael H. Warfield" wrote:
> On Mon, Mar 12, 2001 at 09:07:41PM -0800, Crispin Cowan wrote:
> > Tracy R Reed wrote:
> > > Is there really any reason to require programs to be run as root to bind
> > > to ports <1024 anymore? I was just discussing this with some friends after
> > > the regular LUG meeting at Denny's the other day. That's where the best
> > > LUG conversation happens. :) There used to be a good reason for it but
> > > nowadays it seems like an unnecessary liability. Fixing this is probably a
> > > very simple little patch.
> > How else would you (say) enforce that only the Duly Authorized Mailserver is
> > the one listening to example.com:25 ? If anyone can bind to port 25, then
> > anyone can kick the authorized mail server over (go find some DoS) and start
> > your own mail server. Repeat as necessary for various other important
> > services that bind to well-known ports <1024.
>
> Capabilities specifically enabling an application to bind to
> a specific port?
Until you have a file system that supports extended attributes so as to store
capability bits (i.e. "SUID privileged port bit" instead of "SUID root") then you
need to require root to allow the application to set its own capabilities. This
is an improvement over requiring root to bind to ports, but you still are
depending on the program to correctly drop privs.
Crispin
--
Crispin Cowan, Ph.D.
Chief Research Scientist, WireX Communications, Inc. http://wirex.com
Free Hardened Linux Distribution: http://immunix.org
-
Securedistros: A common list for all secured Linux distributions
Archive: http://humbolt.nl.linux.org/lists/
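Added example (not from the thread, nor from WireX/Immunix code): the "require root, then drop privs correctly" path Crispin describes, written out in C so the failure modes are visible. The server binds the privileged port while still root, then gives up uid 0 in the order that actually works (supplementary groups, then gid, then uid, since the group changes themselves need root), and finally proves the drop cannot be undone by checking that seteuid(0)/setuid(0) fail with EPERM. The listening socket stays usable after the drop. The default port 25 and the target uid/gid 65534 ("nobody" on most systems) are assumptions for illustration. For the capability route, current Linux does have the xattr-backed bits he was waiting for: `setcap cap_net_bind_service=+ep ./server` lets the binary bind <1024 without ever being root, and `net.ipv4.ip_unprivileged_port_start` can lower the threshold system-wide; this block shows only the drop-privileges path.

```c
/* Added example: bind a privileged port as root, then drop to an unprivileged
 * uid/gid and verify that root cannot be regained. Port 25 and uid/gid 65534
 * are assumed defaults, not values from the thread. */
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Explicit prototype in case the build's feature macros hide the one in <grp.h>. */
int setgroups(size_t n, const gid_t *groups);

#define PRIVILEGED_PORT_MAX 1023

/* On a classic Unix, ports 0..1023 can only be bound with uid 0
 * (CAP_NET_BIND_SERVICE on Linux). */
int is_privileged_port(int port) {
    return port >= 0 && port <= PRIVILEGED_PORT_MAX;
}

/* Create a listening TCP socket on 0.0.0.0:port. For a port < 1024 this must
 * run BEFORE privileges are dropped. Returns the fd, or -1 on failure. */
int bind_listen(int port) {
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    int one = 1;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    sa.sin_port = htons((uint16_t)port);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 || listen(fd, 16) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Returns 1 only if the process is not root AND cannot become root again.
 * A process that merely did seteuid() still has saved-uid 0; seteuid(0) would
 * succeed here, which is exactly the incomplete drop this check catches
 * (in that case the process is root again and the caller must abort). */
int privileges_dropped(void) {
    if (geteuid() == 0) return 0;
    if (seteuid(0) == 0 || setuid(0) == 0) return 0;
    return errno == EPERM;
}

/* Drop to uid/gid permanently. Order matters: clearing supplementary groups
 * and changing the gid require root, so they must happen before setuid().
 * setuid()/setgid() as root set real, effective and saved ids together, so
 * there is no saved uid 0 left to come back to. Returns 0 on a verified drop. */
int drop_privileges(uid_t uid, gid_t gid) {
    if (geteuid() == 0 && setgroups(0, NULL) < 0) return -1;
    if (setgid(gid) < 0) return -1;
    if (setuid(uid) < 0) return -1;
    return privileges_dropped() ? 0 : -1;
}

int main(int argc, char **argv) {
    int port = argc > 1 ? atoi(argv[1]) : 25;   /* assumed default: SMTP */
    int fd = bind_listen(port);
    if (fd < 0) {
        perror("bind_listen");
        return 1;
    }
    /* 65534 is assumed to be "nobody"; a real daemon would look the name up. */
    if (drop_privileges(65534, 65534) < 0) {
        fprintf(stderr, "privilege drop failed or was incomplete, refusing to serve\n");
        return 1;
    }
    printf("listening on port %d as uid %d; regaining root is blocked\n",
           port, (int)geteuid());
    /* accept()/serve loop would follow; the bound socket survives the drop */
    close(fd);
    return 0;
}
```

Run it as root (`./server 25`) to see the full path; as an ordinary user it fails at bind_listen for a port below 1024, which is the behaviour the thread is complaining about. The point of privileges_dropped() is that "drop privs" is only meaningful if the saved uid went with it; swapping setuid() for seteuid(), or calling setuid() before setgid(), are the two classic ways a daemon ends up still holding root while believing it has let go.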