The privileged port mechanism has never been based on the assumption that remote system administraters are somehow more trustworthy. The privileged port mechanism primarily deals with issues of intRA-host trust (how does an administrator of a multi-user system be sure that his users aren't doing bad stuff) and not issues of intER-host trust (how does an administrator of a system, single-user or multi-user, ensure that a remote machine is not doing bad stuff). As long as there are multi-user machines, privileged ports will be necessary. The problem of how to manage a multi-user machine securely in the face of potential malicious users is often ignored, perhaps because it is so difficult :-) -- Kent Crispin, Technical Systems Manager, ICANN crispinat_private "Be good, and you will be lonesome." -- Mark Twain kentat_private
This archive was generated by hypermail 2b30 : Fri Jul 05 2002 - 00:09:25 PDT