On 4/2/06, Stuart Henderson <[EMAIL PROTECTED]> wrote: > On 2006/04/02 22:54, Niklaus wrote: > > > pf will probably do what you want, they'll be able to run the proxy, but > > > won't be able to initiate an inbound connection. > > > > > The problem with pf is that you have to setup filter or white list for > > every new protcol that i setup from root. > > > > I only want root to listen to ports. Is that possible. Something like > > access control. > > Read pf.conf(5) about the 'user' and 'group' options.
what problem are you really trying to solve? what's to stop me from tunnelling through ssh? what's to stop me doing a "reverse telnet" sort of connection back to the machine i want to tunnel from. you might want to look at systrace... -- GDB has a 'break' feature; why doesn't it have 'fix' too?