Alright, I will give it a shot. Thank you for helping out! Best, Cai
On Saturday, June 1, 2013, Vladimír Čunát wrote: > On 06/01/2013 09:07 PM, Cai Chen wrote: > >> Thank you, Vlad. I think leaving non-privileged ports (above 1024) wide >> open has serious security implication. People still can ping ip:port and >> knock the server down. Is my concern valid? Is there a way to secure our >> nixos server but still give our non-root users ability to open any port >> above 1024? >> > > Many don't consider that a security problem (including me)... you can read > that in the link I sent :-) > > Users have to open the ports and the attacker could only gain privileges > of the user in the worst case (if the user ran something dangerous on the > port). I suppose it depends on what you do on the machine. > > Vlada > > >
_______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
