Why doesn't someone implement an init that intelligently handles the
privilege separation using the Linux capabilities? And why not hack
something up so we can give an attribute to a suid that allows it to just
change the system time or this sort of thing? I think it would be great to
chmod +n /bin/ping.

Just a thought :)

peace,
core

Kurt Seifried wrote:

>> Is there any point in needing to be root in order to allocate the low ports
>> on unix-like systems, anymore? Could we get away from having to have some
>> daemons even have a root stub in order to listen on a low port? What would
>> break, and what new holes would be created? Could some sort of port ACL
>> simply be used that says a particular UID can allocate a particular range
>> of ports?
>
> Well. Let's say you don't need to be root anymore.
>
> Hey look at me, I'm the webserver! Or the email server, or the ftp server.
> or the NFS server.......
>
> If I can down a service (remote/local DoS), or wait for it to be restarted
> (like to reload configuration or some other automated interruption) I can be
> that service. Kind of scary IMHO.
>
> Now if you're talking about assigning a UID or GID to "own" the port that's
> a different story, however I fear people doing well intentioned, but stupid
> things like assigning it to "nobody". This capability already exists in many
> systems, Argus Pitbull (for Solaris) and Pitbull LX (for Linux), NSA
> SELinux, and so on.
>
> Personally I like Solaris' ability to assign high ports to require root,
> this is nice for NFS (2049) and other related systems (has to run as root
> anyways, well unless you got some really crazy user-daemon nfs =).
>
> Plus with privilege separation (OpenSSH, Postfix, Apache, etc.) there is
> very little to worry about in most cases, done properly these things are not
> terribly dangerous (ok, ignoring last week ....=).
>
> I wrote an article about this ages ago, but cannot find it, and of course
> securityportal.com is no more, oh well.
>
>> Discuss.
>>
>> BB
>
> Kurt Seifried, kurtat_private
> A15B BEE5 B391 B9AD B0EF
> AEB0 AD63 0B4E AD56 E574
> http://seifried.org/security/
> http://www.iDefense.com/
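
Added example, not part of the original thread or written by any of its participants: a small C audit that reads the effective capability mask (`CapEff`) from `/proc/<pid>/status` text and checks whether a daemon holds exactly the low-port capability the thread discusses, rather than full root. The sample status text is constructed, and the helper names (`parse_cap_eff`, `audit`, the `EX_` macro) are assumptions made for this example.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit number from <linux/capability.h>, prefixed EX_ to avoid clashes. */
#define EX_CAP_NET_BIND_SERVICE 10 /* bind ports below 1024 */
#define CAP_BIT(n) (UINT64_C(1) << (n))

/* Constructed /proc/<pid>/status excerpts, not taken from a real host. */
static const char ROOT_DAEMON[] = "Name:\thttpd\nCapEff:\t000001ffffffffff\n";
static const char PORT_ONLY[]   = "Name:\thttpd\nCapEff:\t0000000000000400\n";
static const char NO_CAPS[]     = "Name:\thttpd\nCapEff:\t0000000000000000\n";

/* Parse the hex mask on the line starting with "CapEff:"; 0 on success. */
int parse_cap_eff(const char *status, uint64_t *mask)
{
    static const char key[] = "CapEff:";
    for (const char *line = status; line && *line;) {
        if (strncmp(line, key, sizeof key - 1) == 0) {
            const char *num = line + sizeof key - 1;
            while (*num == ' ' || *num == '\t') num++;
            if (!isxdigit((unsigned char)*num)) return -1;
            *mask = strtoull(num, NULL, 16);
            return 0;
        }
        line = strchr(line, '\n');
        if (line) line++;
    }
    return -1;
}

/* 0 = exactly `allowed`, 1 = extra caps, 2 = missing a needed cap, -1 = no CapEff. */
int audit(const char *status, uint64_t allowed)
{
    uint64_t eff;
    if (parse_cap_eff(status, &eff) != 0) return -1;
    if (eff & ~allowed) return 1;
    if ((eff & allowed) != allowed) return 2;
    return 0;
}

int main(void)
{
    uint64_t web = CAP_BIT(EX_CAP_NET_BIND_SERVICE);
    printf("root=%d port_only=%d no_caps=%d\n", audit(ROOT_DAEMON, web),
           audit(PORT_ONLY, web), audit(NO_CAPS, web));
    return 0;
}
```

The same check applies to a ping-style binary by passing bit 13 (`CAP_NET_RAW`) as the allowed mask, or bit 25 (`CAP_SYS_TIME`) for a clock-setting tool.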
This archive was generated by hypermail 2b30 : Thu Jul 04 2002 - 16:10:30 PDT