Vulnerability Development mailing list archives
Ports 0-1023?
From: alex <alex_tibbles () yahoo co uk>
Date: Thu, 4 Jul 2002 09:49:08 +0100 (BST)
This convention means that all daemons for services on ports < 1024 need some special privilege. AFAIK, this was used in the past to confer some trust on all daemons providing these services. (The assumption was that if the system administrator ran it, then it must be trustworthy). This thinking harks back to an era when SysAdmins were a select breed, not just any punk with a linux box. Nowaydays it has been realised that trusting any other machine, even on your home network, is naive (because it could have been subverted). Explicit trust and authentication mechanisms have implemented instead (to a varying degree of of efficacy). Modern networks are a lot less trusting. So the extra risk run giving these daemons extra privilege is wasted, I think. Please correct me if I'm mistaken. Alex __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
Current thread:
- Re: Ports 0-1023?, (continued)
- Re: Ports 0-1023? Dave Aitel (Jul 04)
- Re: Ports 0-1023? Michal Zalewski (Jul 04)
- Re: Ports 0-1023? hicks (Jul 04)
- Re: Ports 0-1023? Juan M. Courcoul (Jul 04)
- Re: Ports 0-1023? Mark Ruth (Jul 04)
- Re: Ports 0-1023? Bruno Morisson (Jul 04)
- Re: Ports 0-1023? gminick (Jul 04)
- Re: Ports 0-1023? Bruno Morisson (Jul 04)
- Re: Ports 0-1023? gminick (Jul 05)
- Re: Ports 0-1023? George W. Capehart (Jul 05)
- Re: Ports 0-1023? Bruno Morisson (Jul 04)
- Re: Ports 0-1023? Dave Aitel (Jul 04)
- Re: Ports 0-1023? Michal Zalewski (Jul 04)
- Re: Ports 0-1023? Brian Hatch (Jul 04)
- Re: Ports 0-1023? Blue Boar (Jul 04)
- Re: Ports 0-1023? Brian Hatch (Jul 05)
- Re: Ports 0-1023? Clint Byrum (Jul 05)
- Re: Ports 0-1023? Blue Boar (Jul 08)
- Re: Ports 0-1023? Robert Bihlmeyer (Jul 08)