Re: strange limitation on rcmd()
--YToU2i3Vx8H2dn7O
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On 2006.07.10 16:07:06 +0200, Iang wrote:
> Brian Candler wrote:
>=20
> >Note that only root can bind to reserved ports.
>=20
> ...
>=20
> >This mechanism is only valid for trusted hosts, of course. If you allow a
> >random person to put their own PC on the network, they can of course send
> >packets from privileged ports (either by installing Unix with their own=
=20
> >root
> >password, or by installing DOS and sending packets which come from
> >privileged ports)
>=20
> I gather that it is now possible to disable the
> privileged ports thing on FreeBSD at least.
>=20
> (Thank heavens, I say :)
Actually it is, but it would obviously be a stupid idea to do so any
place where privileged ports are required...
[simon@zaphod:~] sysctl net.inet.ip.portrange.reservedhigh net.inet.ip.port=
range.reservedlow
net.inet.ip.portrange.reservedhigh: 1023
net.inet.ip.portrange.reservedlow: 0
--=20
Simon L. Nielsen
--YToU2i3Vx8H2dn7O
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (FreeBSD)
iD8DBQFEsmF5h9pcDSc1mlERAq7RAJ9mpDSX+M8NDrC5jMScYITwB0eyCwCfd1jp
R9tCljciXvIJNmsUKHWtdJU=
=R23T
-----END PGP SIGNATURE-----
--YToU2i3Vx8H2dn7O--
討論串 (同標題文章)
完整討論串 (本文為第 4 之 7 篇):