Vulnerability Development mailing list archives
Re: Ports 0-1023?
From: gminick <gminick () hacker pl>
Date: Thu, 4 Jul 2002 11:35:00 +0200
On Thu, Jul 04, 2002 at 12:05:16AM -0700, Blue Boar wrote:
> Is there any point in needing to be root in order to allocate the low ports on unix-like systems, anymore?
It's a dangerous situation when unprivileged users are able to run fake daemons on ports where either a root process or nothing should be running. Imagine a situation where on your server you run only sshd and some servers such as an MTA or an HTTP server, but there's a possibility of starting a process (some _malicious_ process) on ports like 21/ftp or 23/telnet and getting the passwords of your users (you do not need to create a working ftp server, you just need to get passwords and drop the connection with some error message; it's about 50 lines of code). It's rather not a good idea to give such a possibility to all of your users.
> Could some sort of port ACL simply be used that says a particular UID can allocate a particular range of ports?
I don't know, but even if it isn't possible, it's not hard to code it.

--
[ Wojtek gminick Walczak ][ http://hacker.pl/gminick/ ]
[ gminick (at) hacker.pl ][ gminick (at) klub.chip.pl ]
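A defender's check for the situation described in this message, added here as an example and not part of the original post: it reads the Linux /proc/net/tcp table and reports listening sockets on ports 0-1023 that are not owned by root. The sample table, the function names and the (uid, port) allowlist are constructed for illustration; the allowlist stands in for the per-UID port ACL asked about in the quoted question.

```python
import socket
import struct

TCP_LISTEN = 0x0A        # state code for LISTEN in /proc/net/tcp
PRIVILEGED_LIMIT = 1024  # ports 0-1023 are the traditionally root-only range

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001 1 0000000000000000 100 0 0 10 0
   1: 00000000:0015 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 11002 1 0000000000000000 100 0 0 10 0
   2: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 11003 1 0000000000000000 100 0 0 10 0
   3: 0A00000A:0017 0B00000A:C350 01 00000000:00000000 00:00000000 00000000  1001        0 11004 1 0000000000000000 100 0 0 10 0
"""

def decode_ipv4(hex_addr):
    # Assumes a little-endian host (e.g. x86), where 0100007F is 127.0.0.1.
    return socket.inet_ntoa(struct.pack("<I", int(hex_addr, 16)))

def parse_listeners(text):
    """Return addr, port, owning uid and inode for every LISTEN socket."""
    listeners = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 10 or int(fields[3], 16) != TCP_LISTEN:
            continue
        addr_hex, port_hex = fields[1].split(":")
        listeners.append({"addr": decode_ipv4(addr_hex), "port": int(port_hex, 16),
                          "uid": int(fields[7]), "inode": int(fields[9])})
    return listeners

def non_root_low_ports(listeners, allowed=frozenset(), limit=PRIVILEGED_LIMIT):
    """Low-port listeners not owned by uid 0 and not in the (uid, port) allowlist."""
    return [s for s in listeners
            if s["port"] < limit and s["uid"] != 0
            and (s["uid"], s["port"]) not in allowed]

if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:  # IPv4 only; /proc/net/tcp6 is not read
            table = fh.read()
    except OSError:
        table = SAMPLE  # fall back to the constructed sample off Linux
    for s in non_root_low_ports(parse_listeners(table)):
        print(f"uid {s['uid']} listens on {s['addr']}:{s['port']} (inode {s['inode']})")
```

Services that legitimately bind a low port as a non-root user (for example with CAP_NET_BIND_SERVICE) go in the allowlist, so anything still reported is a listener nobody approved.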