Vulnerability Development mailing list archives

Re: Ports 0-1023?


From: Robert Bihlmeyer <robbe () orcus priv at>
Date: 08 Jul 2002 20:57:41 +0200

Blue Boar <BlueBoar () thievco com> writes:

> With the proposed change, sshd could only get root if someone with the
> actual root password comes along and hands it to the sshd.

Keep in mind that a password is far from the only method to authenticate
with sshd. IOW that involves much work, and the gain over a privsep'd
sshd is not that great.

imapd or similar could be better targets: since modern Unices support
fd passing over process boundaries, it should be possible to build a
portable daemon that, in exchange for a user's password, would return
an O_RDWR file descriptor to that user's mail spool. This way imapd
only needs root for bind() and can drop it immediately (or you run it
from inetd and friends).

-- 
Robbe
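
The descriptor handoff described in the message above, as an added example that is not part of the original post: an unprivileged daemon offers a password to a helper over a Unix socket and receives an O_RDWR descriptor via SCM_RIGHTS. The names get_spool_fd, send_fd and recv_fd are hypothetical, the helper is forked here rather than being a separate root process, and the strcmp check is a constructed stand-in for real authentication.

```c
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

typedef union { struct cmsghdr h; char buf[CMSG_SPACE(sizeof(int))]; } ctl_t;
/* Attach fd to a one-byte message as SCM_RIGHTS ancillary data. */
static int send_fd(int sock, int fd) {
    char b = 0; ctl_t u; struct iovec iov = { &b, 1 }; memset(&u, 0, sizeof u);
    struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
                        .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &m, 0) == 1 ? 0 : -1;
}

/* Return the passed descriptor, or -1 on EOF or a malformed control message. */
static int recv_fd(int sock) {
    char b; ctl_t u; int fd; struct iovec iov = { &b, 1 };
    struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
                        .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    if (recvmsg(sock, &m, 0) != 1 || (m.msg_flags & MSG_CTRUNC)) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS ||
        c->cmsg_len != CMSG_LEN(sizeof(int))) return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* Daemon side; the forked helper stands in for the part that keeps root.
   strcmp against `expected` is a constructed stand-in for real authentication. */
int get_spool_fd(const char *spool, const char *expected, const char *offered) {
    int sv[2], fd = -1; char pw[64] = { 0 };
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return -1; }
    if (pid == 0) {                      /* helper: check, open, hand over */
        close(sv[0]);
        if (read(sv[1], pw, sizeof pw - 1) > 0 && strcmp(pw, expected) == 0 &&
            (fd = open(spool, O_RDWR | O_APPEND)) >= 0) send_fd(sv[1], fd);
        _exit(0);                        /* refusal is just EOF to the daemon */
    }
    close(sv[1]);
    if (write(sv[0], offered, strlen(offered)) > 0) fd = recv_fd(sv[0]);
    close(sv[0]); waitpid(pid, NULL, 0);
    return fd;
}
```

The daemon never opens the spool path itself, so it can run without the privilege needed to read other users' mail; a wrong password yields -1 and no descriptor.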
