Casey Schaufler skrev:
How do you protect ports greater than 1024 from any user binding to them?
E.g. port 1080.
Should the OS manage port number allocations? I don't think so
based on the notion of ports being names in an uncontrolled flat
namespace. The whole problem is that people want to
Casey Schaufler skrev:
How do you protect ports greater than 1024 from any user binding to them?
E.g. port 1080.
Should the OS manage port number allocations? I don't think so
based on the notion of ports being names in an uncontrolled flat
namespace. The whole problem is that people want to
Phillip Susi skrev:
Mikael Ståldal wrote:
And how do you protect ports >1024 from any user binding to them?
You prevent users from binding to those ports by only giving
applications that need to the capability, and only letting the users
that need to have execute permission to th
Phillip Susi skrev:
Mikael Ståldal wrote:
And how do you protect ports 1024 from any user binding to them?
You prevent users from binding to those ports by only giving
applications that need to the capability, and only letting the users
that need to have execute permission to those programs
Radoslaw Szkodzinski (AstralStorm) skrev:
In Linux you have to be root in order to listen to TCP or UDP ports below 1024 (the
well-known ports). As far as I know, this limit is hardcoded in the kernel.
The proper way to enable port <= 1024 binding support is adding CAP_NET_BIND_SERVICE to
>
Radoslaw Szkodzinski (AstralStorm) skrev:
In Linux you have to be root in order to listen to TCP or UDP ports below 1024 (the
well-known ports). As far as I know, this limit is hardcoded in the kernel.
The proper way to enable port = 1024 binding support is adding CAP_NET_BIND_SERVICE to
In Linux you have to be root in order to listen to TCP or UDP ports below 1024 (the
well-known ports). As far as I know, this limit is hardcoded in the kernel.
In some cases, this limit do more harm than good, so it would be nice to be
able to adjust it.
FreeBSD have a pair of sysctl
In Linux you have to be root in order to listen to TCP or UDP ports below 1024 (the
well-known ports). As far as I know, this limit is hardcoded in the kernel.
In some cases, this limit do more harm than good, so it would be nice to be
able to adjust it.
FreeBSD have a pair of sysctl
8 matches
Mail list logo