Ports 0-1023?

• Previous message: Nate Amsden: "Re: Ports 0-1023?"
• Next in thread: Mark Ruth: "Re: Ports 0-1023?"
• Maybe reply: Mark Ruth: "Re: Ports 0-1023?"
• Reply: Michal Zalewski: "Re: Ports 0-1023?"
• Reply: Blue Boar: "Re: Ports 0-1023?"
• Reply: Dawes, Rogan (ZA - Johannesburg): "RE: Ports 0-1023?"
• Reply: Dawes, Rogan (ZA - Johannesburg): "RE: Ports 0-1023?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This convention means that all daemons for services on
ports < 1024 need some special privilege.
AFAIK, this was used in the past to confer some trust
on all daemons providing these services. (The
assumption was that if the system administrator ran
it, then it must be trustworthy). This thinking harks
back to an era when SysAdmins were a select breed, not
just any punk with a linux box.
Nowaydays it has been realised that trusting any other
machine, even on your home network, is naive (because
it could have been subverted).
Explicit trust and authentication mechanisms have
implemented instead (to a varying degree of of
efficacy).
Modern networks are a lot less trusting. So the extra
risk run giving these daemons extra privilege is
wasted, I think.

Please correct me if I'm mistaken.
Alex 

__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com

• Next message: gminick: "Re: Ports 0-1023?"
• Previous message: Nate Amsden: "Re: Ports 0-1023?"
• Next in thread: Mark Ruth: "Re: Ports 0-1023?"
• Maybe reply: Mark Ruth: "Re: Ports 0-1023?"
• Reply: Michal Zalewski: "Re: Ports 0-1023?"
• Reply: Blue Boar: "Re: Ports 0-1023?"
• Reply: Dawes, Rogan (ZA - Johannesburg): "RE: Ports 0-1023?"
• Reply: Dawes, Rogan (ZA - Johannesburg): "RE: Ports 0-1023?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 04 2002 - 10:40:21 PDT