On Monday 14 September 2009 18:47:18 Freminlins wrote:
> Hi,
>
> I am not sure if this exists (but don't think so), so I am asking.
>
> Is there a sysctl type thing to disallow non-root users, or indeed any
> specified user or group, from running a program with listen() ?
>
> What I am looking a
On Tue, Sep 15, 2009 at 11:39:05AM +0100, Freminlins typed:
> 2009/9/14 Chris Rees
>
> >
> > Isn't this a bit drastic? Listening sockets are opened by very many
> > types of processes, as well as remembering that sendmail, BIND, and
> > others don't actually run as root... I suppose it'd be possi
2009/9/14 Chris Rees
>
> Isn't this a bit drastic? Listening sockets are opened by very many
> types of processes, as well as remembering that sendmail, BIND, and
> others don't actually run as root... I suppose it'd be possible, but
> would it actually be useful?
>
Sure, those open listening s
2009/9/14 Freminlins :
> Hi,
>
> I am not sure if this exists (but don't think so), so I am asking.
>
> Is there a sysctl type thing to disallow non-root users, or indeed any
> specified user or group, from running a program with listen() ?
>
> What I am looking at is improving network security, su
Hi,
I am not sure if this exists (but don't think so), so I am asking.
Is there a sysctl type thing to disallow non-root users, or indeed any
specified user or group, from running a program with listen() ?
What I am looking at is improving network security, such that if a user
account is comprom