[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Is this mail list dead?
On Tue, Mar 13, 2001 at 02:49:03AM -0300, Rik van Riel wrote:
> On Mon, 12 Mar 2001, Tracy R Reed wrote:
> > On Tue, Mar 13, 2001 at 12:03:44AM -0300, Rik van Riel wrote:
> > > Is there anything I've forgotten to mention, or are there
> > > other things needed to make Linux distro's more secure without
> > > impacting functionality or ease-of-use ?
> >
> > Is there really any reason to require programs to be run as root to
> > bind to ports <1024 anymore?
>
> No. I remember somebody mentioning a wrapper program to be able
> to load eg. named with just CAP_NET_BIND_SERVICE set and no root
> rights.
>
> This keeps the SUID part down to just this (small) wrapper
> program. Can anybody remember the name ??
Compartment
http://www.suse.de/~marc/SuSE.html
--
Luca Berra -- bluca@comedia.it
Communication Media & Services S.r.l.
/"\
\ / ASCII RIBBON CAMPAIGN
X AGAINST HTML MAIL
/ \
-
Securedistros: A common list for all secured Linux distributions
Archive: http://humbolt.nl.linux.org/lists/