cvs commit: modperl-docs/src/docs/general Changes.pod multiuser.pod

8 Jul 2002 16:51:52 -0000 

stas        2002/07/08 09:51:51

  Modified:    src/docs/general Changes.pod multiuser.pod
  Log:
  add a reference to cbs, which prevents users from bind'ing to
  certain ports above 1024. [Philippe M. Chiasson]
  
  Revision  Changes    Path
  1.8       +3 -0      modperl-docs/src/docs/general/Changes.pod
  
  Index: Changes.pod
  ===================================================================
  RCS file: /home/cvs/modperl-docs/src/docs/general/Changes.pod,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- Changes.pod       31 May 2002 22:06:45 -0000      1.7
  +++ Changes.pod       8 Jul 2002 16:51:51 -0000       1.8
  @@ -37,6 +37,9 @@
   
   * multiuser.pod
   
  +  o add a reference to cbs, which prevents users from bind'ing to
  +    certain ports above 1024. [Philippe M. Chiasson]
  +
     o chroot(1) info
   
     o jail(8) info (Andrew McNaughton)
  
  
  
  1.4       +7 -2      modperl-docs/src/docs/general/multiuser.pod
  
  Index: multiuser.pod
  ===================================================================
  RCS file: /home/cvs/modperl-docs/src/docs/general/multiuser.pod,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- multiuser.pod     16 Jun 2002 12:43:39 -0000      1.3
  +++ multiuser.pod     8 Jul 2002 16:51:51 -0000       1.4
  @@ -181,13 +181,18 @@
   rival's server is listening to (e.g. using C<netstat(8)>) and
   configure my own server to listen on the same port.  Although I am
   unable to bind to this port, imagine what will happen when you reboot
  -your system and my startup script happens to be run before my rivals!
  -I get the port first, now all requests will be redirected to my
  +your system and my startup script happens to be run before my rival's
  +one!  I get the port first, now all requests will be redirected to my
   server.  I'll leave to your imagination what nasty things might happen
   then.
   
   Of course the ugly things will quickly be revealed, but not before the
   damage has been done.
  +
  +Luckily there are special tools that can ensure that users that aren't
  +authorized to bind to certain ports (above 1024) won't be able to do
  +so. One such a tool is called C<cbs> and its documentation can be
  +found at I<http://www.epita.fr/~flav/cbs/doc/html>.
   
   =back
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to