Vulnerability Development mailing list archives
RE: Ports 0-1023?
From: "Amanda Jones" <amanda () wineasy se>
Date: Thu, 4 Jul 2002 10:19:29 +0200
If your firewall can do port forwarding then you can easily do this yourself for most services. Just have the firewall forward port 25 to say 2025 and let sendmail run on 2025. The down side is obviously that if somebody breaks non-root on your machine then he can steal your mail. Is it worth it? Probably depends on the value of your mail. Up to you. Amanda. -----Original Message----- From: Blue Boar [mailto:BlueBoar () thievco com] Sent: Thursday, July 04, 2002 09:05 To: vuln-dev () securityfocus com Subject: Ports 0-1023? Is there any point in needing to be root in order to allocate the low ports on unix-like systems, anymore? Could we get away from having to have some daemons even have a root stub in order to listen on a low port? What would break, and what new holes would be created? Could some sort of port ACL simply be used that says a particular UID can allocate a particular range of ports? Discuss. BB
Current thread:
- Re: Ports 0-1023?, (continued)
- Re: Ports 0-1023? Bruno Morisson (Jul 07)
- Re: Ports 0-1023? Brian Hatch (Jul 08)
- Re: Ports 0-1023? Bruno Morisson (Jul 08)
- Re: Ports 0-1023? Michal Zalewski (Jul 04)
- Re: Ports 0-1023? Kent Crispin (Jul 04)
- RE: Ports 0-1023? Michal Zalewski (Jul 04)
- Re: Ports 0-1023? Sebastian Krahmer (Jul 05)
- Re: Ports 0-1023? Michal Zalewski (Jul 04)
- Re: Ports 0-1023? hicks (Jul 04)