<offtopic level="slight">

On 2001-07-17 19:53:06 -0400, jmjonesat_private wrote:
>
> It would seem to me that the restriction of "system ports" to the
> first 1024 ports was an "early" attempt to address forward security
> needs. As such, it was INCREDIBLY successful... showing simple
> solutions CAN have great impact.

How so? In my mind, the direct cause of the root exploits of machines
through sendmail, bind, ftp, etc, etc. And it's not consistent.
Consider:

    socks   1080
    nfs     2049
    lockd   4045
    irc     6667
    https   8080

Why don't *these* ports (for starters) need protection? *grumble*

> It may be possible to open ports other than 0-1023 for "system" access
> in linux, but they probably aren't going to ever become "universal".
> Quite honestly, PORTS are a construct that MUST be universal under
> TCP/IP to really work.

I don't know. If an application does:

    if (bind(fd, &addr, ...) == -1) {
        perror("Unable to bind address");
        exit(1);
    }

Then it can work under an OS that allows non-root processes to bind
ports in the privileged range, and require root on others, without any
special coding.

> Many weeks ago, somebody suggested creating port structures in /proc/
> that reflected the specific ports being opened and their permissions.
> This is one way to handle this within the pre-existent paradigm that I
> like, but not enough to "bid on".

This seems like implementation to me - as long as the hooks are there an
LSM can do what it wishes. If the hooks work like:

    if ((port < 1024) && biguglyprocess_struct->uid) {
        return EPERM;
    }
    if (fancykernelhook->lsm->bindhook) {
        ret = (fancykernelhook->lsm->bindhook)(port);
        if (ret)
            return ret;
    }

Then no LSM can ever implement a policy to allow non-root users to bind
low ports.

Shane

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
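The hook-ordering point in the message above, modelled as an added example. This is not code from the mail, from the kernel or from any LSM: the function names, the hook signature, the return convention (0 allows, negative errno denies) and the sample policy granting uid 1001 ports 80 and 443 are all constructed for the illustration. It contrasts the ordering the mail warns about (hard-coded uid check first, hook second, so a module can only ever tighten policy) with an ordering in which the hook owns the privileged-port decision and the classic rule is only the fallback when no module is loaded.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed model of two placements for a bind hook. Nothing here is
 * kernel or LSM code; names and policy are hypothetical. A check returns
 * 0 to allow the bind and a negative errno value to deny it. */

#define PRIV_PORT_MAX 1024

/* A module's bind hook: decide for (uid, port). */
typedef int (*bind_hook_t)(unsigned uid, unsigned port);

/* Ordering 1, the one the mail objects to: the hard-coded "low port needs
 * uid 0" rule runs first, so the hook only ever sees requests that rule
 * already allowed. A module can tighten policy but never relax it. */
int bind_check_dac_then_hook(unsigned uid, unsigned port, bind_hook_t hook)
{
    if (port < PRIV_PORT_MAX && uid != 0)
        return -EPERM;
    if (hook) {
        int ret = hook(uid, port);
        if (ret)
            return ret;
    }
    return 0;
}

/* Ordering 2: the hook owns the privileged-port decision. The classic rule
 * is only the fallback when no module is loaded, so a module can grant a
 * non-root uid a specific low port while still denying everything else. */
int bind_check_hook_decides(unsigned uid, unsigned port, bind_hook_t hook)
{
    if (hook)
        return hook(uid, port);
    if (port < PRIV_PORT_MAX && uid != 0)
        return -EPERM;
    return 0;
}

/* Sample policy (constructed): uid 1001, a hypothetical unprivileged web
 * server account, may bind 80 and 443; every other low port still needs
 * uid 0. Ports at or above 1024 are left to the classic behaviour. */
int web_server_policy(unsigned uid, unsigned port)
{
    if (uid == 1001 && (port == 80 || port == 443))
        return 0;
    if (port < PRIV_PORT_MAX && uid != 0)
        return -EACCES;
    return 0;
}

static const char *verdict(int ret)
{
    if (ret == 0)
        return "allow";
    return ret == -EPERM ? "deny (EPERM)" : "deny (EACCES)";
}

/* Print the same requests under both orderings so the difference is visible:
 * only ordering 2 ever lets uid 1001 take port 80 or 443. */
int main(void)
{
    struct { unsigned uid, port; } cases[] = {
        { 0, 22 }, { 1001, 80 }, { 1001, 443 }, { 1001, 22 }, { 1002, 80 }, { 1001, 8080 },
    };
    printf("%-5s %-5s  %-14s %s\n", "uid", "port", "dac-then-hook", "hook-decides");
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        unsigned uid = cases[i].uid, port = cases[i].port;
        printf("%-5u %-5u  %-14s %s\n", uid, port,
               verdict(bind_check_dac_then_hook(uid, port, web_server_policy)),
               verdict(bind_check_hook_decides(uid, port, web_server_policy)));
    }
    return 0;
}
```

With the policy loaded, the first ordering denies uid 1001 port 80 before the module is consulted, while the second allows it and still refuses port 22 for the same uid and port 80 for any other non-root uid; with no module loaded (a null hook) both orderings reduce to the classic rule.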
This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 01:45:27 PDT