On Thu, 4 Jul 2002, Michal Zalewski wrote: Hi, > On Thu, 4 Jul 2002, Blue Boar wrote: > > > Is there any point in needing to be root in order to allocate the low ports > > on unix-like systems, anymore? > > As long as you keep the old privilege model, of course. You don't want > your users to bind port 25 when Sendmail goes down for a short while > (actually, you can induce it pretty easily in certain configurations). Thats not even needed. A very nice trick is to bind to a more specific address if sendmail or apache binds to INADDR_ANY. Then one should bind to the real IP and wait what is coming ;-) regards, Sebastian -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmerat_private - SuSE Security Team ~
This archive was generated by hypermail 2b30 : Fri Jul 05 2002 - 11:05:43 PDT