-----BEGIN PGP SIGNED MESSAGE-----
I was thinking about this problem late last week and would like to throw
out a off-the-wall proposal.
for a dedicated server (no end-user logins) how about making a kernel
compile option that removes the 'only root can bind to ports <1024' limit?
this would allow programs that now need to run as root to bind the port to
just run as a normal user from the start.
comments?
David Lang
On Mon, 23 Oct 2000, Andrey Savochkin wrote:
> Date: Mon, 23 Oct 2000 19:11:46 +0800
> From: Andrey Savochkin <[EMAIL PROTECTED]>
> To: Cefiar <[EMAIL PROTECTED]>
> Cc: Linux Kernel Mailing List <[EMAIL PROTECTED]>
> Subject: Re: bind() - Old/Current behaviour - Change?
>
> Hello,
>
> On Sat, Oct 21, 2000 at 05:23:10PM +1000, Cefiar wrote:
> >
> > I'm happy with that - still produces the required effect and removes bloat
> > from kernel space. Also means it should be easy to revert to default behavior.
> >
> > My original idea was basically a wrapper much like the way chroot works.
> > Being able to lock things in some state that was more appropriate for the
> > program in question. I know that when I set up named/bind on a 2.2 system I
> > set up with a chroot environment, every time an interface changed state, we
>
> You may wish to look at
> ftp://ftp.nc.orc.ru/pub/Linux/people/saw/bindd
> I designed it a long time ago to support programs like bind which are not
> trusted to run with high privilages but still need privileged ports.
>
> > had to restart named so that it could re-bind to the addresses. Being able
> > to lock the state of those addresses in some way would be brilliant, wether
> > it's the default or not.
>
> What do you mean under "lock the state"?
>
> Best regards
> Andrey
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [EMAIL PROTECTED]
> Please read the FAQ at http://www.tux.org/lkml/
>
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2
iQEVAwUBOfR6aD7msCGEppcbAQE3QAgApFj0GXTzyZsp97ugt4GoRFoRqWLeI1Sn
RCPU17etx/KMVlP+Ax5AezBxU6O2JL1i14NFufGDgXj8uj7nmWur0wrwKOKGFhFm
kHEY223SoS46XBreMllBq1glTX7vWIAnKGJnTL3RJa3XIJzoNl6RogN0Kpk/nG8N
PVpjU2DeR1SKEpg/8O59MPjgtABtK46+7q1Q/aYsWNNOfnEYavffQikTcHXxDMXM
o9wbs7T92OLkHHiLx33nj+s/pMyPo9NfkLMgsuK3zmXdTXCEosDFcdiJ88ArL5x1
f9zi4PdKUaDtU4LA4MS7B9a0TBsGpLRonsNOYTvH2iyWe7LlymkahQ==
=sS3A
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
