Vulnerability Development mailing list archives

Re: Ports 0-1023?

From: Kent Crispin <kent () songbird com>
Date: Thu, 4 Jul 2002 11:27:57 -0700

The privileged port mechanism has never been based on the assumption 
that remote system administraters are somehow more trustworthy.

The privileged port mechanism primarily deals with issues of intRA-host
trust (how does an administrator of a multi-user system be sure that his
users aren't doing bad stuff) and not issues of intER-host trust (how
does an administrator of a system, single-user or multi-user, ensure
that a remote machine is not doing bad stuff).  As long as there are 
multi-user machines, privileged ports will be necessary.

The problem of how to manage a multi-user machine securely in the face
of potential malicious users is often ignored, perhaps because it is so
difficult :-)

-- 
Kent Crispin, Technical Systems Manager, ICANN            crispin () icann org
"Be good, and you will be lonesome."  -- Mark Twain       kent () songbird com

Current thread:

Re: Ports 0-1023?, (continued)
- - - Re: Ports 0-1023? Kevin Easton (Jul 06)
    - Re: Ports 0-1023? Charles 'core' Stevenson (Jul 06)
    - Re: Ports 0-1023? Bruno Morisson (Jul 07)
    - Re: Ports 0-1023? Brian Hatch (Jul 08)
    - Re: Ports 0-1023? Bruno Morisson (Jul 08)
- Re: Ports 0-1023? Martin Mačok (Jul 04)
  - Re: Ports 0-1023? Michal Zalewski (Jul 04)
- Re: Ports 0-1023? Nate Amsden (Jul 04)
- Re: Ports 0-1023? gminick (Jul 04)
- Re: Ports 0-1023? Brian Hatch (Jul 04)
  - Re: Ports 0-1023? Kent Crispin (Jul 04)
- Re: Ports 0-1023? David Schwartz (Jul 04)
- RE: Ports 0-1023? Amanda Jones (Jul 04)
  - RE: Ports 0-1023? Michal Zalewski (Jul 04)
- Re: Ports 0-1023? Dan Kaminsky (Jul 04)
- Re: Ports 0-1023? Michal Zalewski (Jul 04)
  - Re: Ports 0-1023? Sebastian Krahmer (Jul 05)
- Re: Ports 0-1023? robbe (Jul 04)
- Re: Ports 0-1023? Dave Aitel (Jul 04)
  - Re: Ports 0-1023? Michal Zalewski (Jul 04)
  - Re: Ports 0-1023? hicks (Jul 04)

(Thread continues...)