Nmap Development mailing list archives

Re: Checking non-privileged access to port < 1024


From: David Fifield <david () bamsoftware com>
Date: Thu, 29 Apr 2010 10:59:39 -0600

On Thu, Apr 29, 2010 at 06:05:41AM -1000, William Pursell wrote:

I've recently discovered ncat.  A very nice replacement
for the venerable nc.  Thanks to all who have
contributed to make ncat happen.

One observation, best shown with a patch:

diff --git a/ncat/ncat_main.c b/ncat/ncat_main.c
index 2e05bd7..859dfd0 100644
--- a/ncat/ncat_main.c
+++ b/ncat/ncat_main.c
@@ -716,10 +716,6 @@ static int ncat_listen_mode(void) {
     if (o.idletimeout != 0)
         bye("An idle timeout only works in connect mode.");

-    /* If a non-root user tries to bind to a privileged port, Exit. */
-    if (o.portno < 1024 && !ncat_checkuid())
-        bye("Attempted a non-root bind() to a port <1024.");
-
     if (o.broker && o.cmdexec != NULL)
         bye("Invalid option combination: --broker and -e.");

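Review bot: In ncat_listen_mode(), removing the `o.portno < 1024 && !ncat_checkuid()` test leaves the bind() failure path as the only diagnostic for this case, so check that the path reports the address, port and errno text rather than a generic failure. If this was the last caller of ncat_checkuid(), drop the helper and its prototype in the same patch so no dead code remains. The removal itself is sound, since a uid test only guesses at what bind() will decide.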


It strikes me as inelegant to have the application check
whether or not bind will fail.  If the user doesn't
have access, then let bind fail.

You're absolutely right. I removed that code and now the error message
looks like this:

$ ./ncat -l 345
Ncat: bind to 0.0.0.0:345: Permission denied. QUITTING.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

