Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Ports 0-1023?

From: Martin Mačok <martin.macok () underground cz>
Date: Thu, 4 Jul 2002 09:30:45 +0200
On Thu, Jul 04, 2002 at 12:05:16AM -0700, Blue Boar wrote:

Is there any point in needing to be root in order to allocate the
low ports on unix-like systems, anymore?


This was discussed some time ago on a tech () openbsd org (~2 years ago),
it should be archived somewhere.

IIRC:

1) This is the Unix way and we want to be compatible
   (bind port, drop root - easy)

2) The user which is able to bind low ports can bind a port when
   the service crashes or when it is being restarted by the
   administrator. So you still have to protect this special
   user/group (faked service or DoS is considered dangerous).

3) You still want to drop that special priviledge after binding that
   port, because when the service is compromised, the attacker gains
   power to bind low ports which means he is able to bind ports of
   other services (on crash/restart).
   (and remember - when you're not root, dropping priviledges is
   "harder" or even not possible)

From a teoretical point of view - yes. Root is too much powerful and
dangerous, some form of ACL's or capabilities would be better. (OR
maybe just some special group). But this way you get system/service
which is not Unix compatible, so you must maintain 2 versions - one
for your system and one (insecure?) for the *nix.

Anyway, inetd (xinetd/tcpserver) is a standard solution for that
problem too.

-- 
         Martin Mačok                 http://underground.cz/
   martin.macok () underground cz        http://Xtrmntr.org/ORBman/
Previous By Date Next
Previous By Thread Next

Current thread: