On Fri, 25 May 2012 10:13:16 -0600 Charles Curley <[email protected]> wrote:
> A program must be root to bind to any port between 1 and 1023 > (inclusive). > > I use: > > backup@dzur:~$ amgetconf DailySet1 unreserved-tcp-port > 50000,50100 > backup@dzur:~$ Open mouth, insert foot. Just for the halibut I ram amcheck on my installation, and got: 1337962332.480051: amcheck-clients: connect_port: Skip port 512: owned by exec. 1337962332.480268: amcheck-clients: connect_port: Skip port 513: owned by login. 1337962332.480442: amcheck-clients: connect_port: Skip port 514: owned by shell. 1337962332.480616: amcheck-clients: connect_port: Skip port 515: owned by printer. 1337962332.481451: amcheck-clients: make_socket opening socket with family 2 1337962332.481548: amcheck-clients: connect_port: Try port 516: available - Success 1337962332.481792: amcheck-clients: connected to 127.0.1.1.10080 1337962332.481818: amcheck-clients: our side is 0.0.0.0.516 And the answer is that amcheck is suid, presumably as root. $ ls -l $(which amcheck) -rwsr-xr-- 1 root backup 57104 Dec 5 2010 /usr/sbin/amcheck $ -- Charles Curley /"\ ASCII Ribbon Campaign Looking for fine software \ / Respect for open standards and/or writing? X No HTML/RTF in email http://www.charlescurley.com / \ No M$ Word docs in email Key fingerprint = CE5C 6645 A45A 64E4 94C0 809C FFF6 4C48 4ECD DFDB
