On Sat, 14 Jul 2001, Devdas Bhagat wrote:

> Ok. How about starting simplifying life first?
> Other than history, is there *any* reason to allow the first 1024 ports
> bindable only by root? Since malicious users can now have root access
> to their own systems, the rationale for restricting the lower ports to
> be accessible only to root is no longer valid. Remove that restriction
> and a whole lot of things become simpler.
> In this case, each program has its own space, its own user and its own
> privileges.

I delayed answering this, for a while, because it required some thinking.

It would seem to me that the restriction of "system ports" to the first 1024 ports was an "early" attempt to address forward security needs. As such, it was INCREDIBLY successful... showing simple solutions CAN have great impact.

This is not a Linux thang though, it's an Internet (RFC/STD) thing, if I remember correctly. It may be possible to open ports other than 0-1023 for "system" access in Linux, but they probably aren't going to ever become "universal". Quite honestly, PORTS are a construct that MUST be universal under TCP/IP to really work.

The port binding strategy of LSM is non-existent or barely begun, at this point. Removing this obstacle probably is an argument for "removing an obstacle before it blocks your path."

Many weeks ago, somebody suggested creating port structures in /proc/ that reflected the specific ports being opened and their permissions. This is one way to handle this within the pre-existent paradigm that I like, but not enough to "bid on". I'm still waiting to see how it goes.

J. Melvin Jones

J. MELVIN JONES
jmjonesat_private
Microcomputer Systems Consultant
Software Developer
Web Site Design, Hosting, and Administration
Network and Systems Administration
http://www.jmjones.com/
This archive was generated by hypermail 2b30 : Tue Jul 17 2001 - 16:54:28 PDT