|
|
Focus on Sun
allowing ordinary users to open privileged ports Sep 02 2004 02:40PM randy calma repasa (rrepasa ekonek com) (6 replies) Re: allowing ordinary users to open privileged ports Sep 10 2004 11:40PM Brian Hatch (bri ifokr org) Re: allowing ordinary users to open privileged ports Sep 06 2004 03:58AM David Meissner (dmeissner jetcity com) (1 replies) RE: allowing ordinary users to open privileged ports Sep 10 2004 01:29PM Phil Eschallier (phil 10types com) (1 replies) Re: allowing ordinary users to open privileged ports Sep 13 2004 02:03PM Reg Quinton (reggers ist uwaterloo ca) Re: allowing ordinary users to open privileged ports Sep 04 2004 02:08PM Casper Dik (casper holland sun com) (1 replies) Re: allowing ordinary users to open privileged ports Sep 06 2004 06:07AM Kapetanakis Giannis (bilias edu physics uoc gr) (1 replies) RE: allowing ordinary users to open privileged ports Sep 04 2004 02:07PM Alan W. Rateliff, II (lists rateliff net) Re: allowing ordinary users to open privileged ports Sep 04 2004 02:05PM Jason (security brvenik com) |
|
Privacy Statement |
>On Sat, 4 Sep 2004, Casper Dik wrote:
>
>> In Solaris 9 and before it is not possible to achieve this other than
>> by running applications as root.
>>
>> In Solaris 10, you can give users the net_privaddr privilege
>> which allows them to bind to privilege ports.
>>
>> Of course, this means that no part of the infrastructure should
>> depend on reserved port based "authentication".
>>
>> (I.e., no .rhosts file authentication; no "auth_sys" NFS, etc.)
>>
>> Casper
>
>Just one question, by giving the net_privaddr privilege you allow
>all low ports to the specific user, or is there a way to assign a set
>of ports only?
It's all or nothing; I agree it would be nice to have some other
form of access control on specific ports.
(For those of you suggesting the use of "ndd": ndd does not allow
you to lower the lowest reserved port number)
Casper
[ reply ]