On Mon, Oct 23, 2000 at 10:50:29AM -0700, David Lang wrote:
> I was thinking about this problem late last week and would like to throw
> out a off-the-wall proposal.
>
> for a dedicated server (no end-user logins) how about making a kernel
> compile option that removes the 'only root can bind to
On Mon, Oct 23, 2000 at 10:50:29AM -0700, David Lang wrote:
I was thinking about this problem late last week and would like to throw
out a off-the-wall proposal.
for a dedicated server (no end-user logins) how about making a kernel
compile option that removes the 'only root can bind to
MAIL PROTECTED]>
> Cc: Linux Kernel Mailing List <[EMAIL PROTECTED]>
> Subject: Re: bind() - Old/Current behaviour - Change?
>
> Hello,
>
> On Sat, Oct 21, 2000 at 05:23:10PM +1000, Cefiar wrote:
> >
> > I'm happy with that - still produces the required
Hello,
On Sat, Oct 21, 2000 at 05:23:10PM +1000, Cefiar wrote:
>
> I'm happy with that - still produces the required effect and removes bloat
> from kernel space. Also means it should be easy to revert to default behavior.
>
> My original idea was basically a wrapper much like the way chroot
Hello,
On Sat, Oct 21, 2000 at 05:23:10PM +1000, Cefiar wrote:
I'm happy with that - still produces the required effect and removes bloat
from kernel space. Also means it should be easy to revert to default behavior.
My original idea was basically a wrapper much like the way chroot
Kernel Mailing List [EMAIL PROTECTED]
Subject: Re: bind() - Old/Current behaviour - Change?
Hello,
On Sat, Oct 21, 2000 at 05:23:10PM +1000, Cefiar wrote:
I'm happy with that - still produces the required effect and removes bloat
from kernel space. Also means it should be easy to revert
At 03:02 PM 20/10/00 +0800, Andrey Savochkin wrote:
>On Thu, Oct 19, 2000 at 09:52:30PM +1000, Cefiar wrote:
>[snip]
> > ... what is really necessary,
> > which is to simply not allow the programs to bind to the addresses in the
> > first place. Unfortunately to implement this sort of thing in
At 03:02 PM 20/10/00 +0800, Andrey Savochkin wrote:
On Thu, Oct 19, 2000 at 09:52:30PM +1000, Cefiar wrote:
[snip]
... what is really necessary,
which is to simply not allow the programs to bind to the addresses in the
first place. Unfortunately to implement this sort of thing in god knows
[cc list trimmed]
On Thu, Oct 19, 2000 at 09:52:30PM +1000, Cefiar wrote:
[snip]
> ... what is really necessary,
> which is to simply not allow the programs to bind to the addresses in the
> first place. Unfortunately to implement this sort of thing in god knows how
> many user space programs
[cc list trimmed]
On Thu, Oct 19, 2000 at 09:52:30PM +1000, Cefiar wrote:
[snip]
... what is really necessary,
which is to simply not allow the programs to bind to the addresses in the
first place. Unfortunately to implement this sort of thing in god knows how
many user space programs
Hello all,
During the recent thread "Re: bind() allowed to non-local addresses" there
is mention of change in the behavior of bind() re: allowing use of
non-local addresses between 2.2 and 2.4 series kernels.
Funnily enough, I've been playing with IPSec, Masqerading and so on for a
Hello all,
During the recent thread "Re: bind() allowed to non-local addresses" there
is mention of change in the behavior of bind() re: allowing use of
non-local addresses between 2.2 and 2.4 series kernels.
Funnily enough, I've been playing with IPSec, Masqerading and so on for a
12 matches
Mail list logo