On Wed, May 02, 2001 at 09:45:23AM -0500, Aurobindo Sundaram (+1 512 331 3743) wrote: > Hi, > > I'm just wondering where in the network port opening sequence it is > appropriate to drop privileges. Consider the following snippet of code and > assume we're opening a port < 1024. Obviously, we need root privileges to > bind ... when is the earliest we can drop them? See below for the choices. Why didn't you try it yourself? Anyway, it's the bind syscall that requires super user privileges (or the capability) in order to bind to a port lower then 1024. Also, there is no security gainned in dropping the privileges before or after calling listen. However, do take notice that the position 3 is in a loop, so the program would try to drop privileges in each iteraction after accepting the connection. hugs Luciano Rocha
This archive was generated by hypermail 2b30 : Wed May 02 2001 - 12:04:25 PDT