>> If an application is a File Compression utility, then there is no >> reason why it should have access to the TCP stack.
> The problem then, is how to prevent an unprivileged user from setting > up a File Compression utility to access TCP and establish a port to > which an incoming connection can be made without authentication. The problem is worse than that. The problem becomes one of identifying whether a particular program is something that should or shouldn't have access to the TCP stack - or, more likely, which of several grades of access it should have. For example, on a typical Unix variant, there are no file compression utilities; there are compression utilities which can be used to compress files, but which can also be used to, say, take data from a network connection, compress it, and send it back out that connection in the other direction. As such, they need to have access to send and receive data over established TCP streams. But then there are programs such as netcat, which to do their job need to be able to set up listening endpoints and initiate connections. The problem becomes one of telling the difference. You need to either forbid users from running un-vetted executables they provide (whether locally compiled or not is irrelevant) or you need to trust them to accurately state what level of access they need to the network. The latter is highly error-prone - just look at how many users routinely run with admin privilege under Windows - and the former will garner your OS widespread rejection (even if it does gain a sliver of acceptance from those who (a) understand the security principles involved and (b) want to run a shop that tight). /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML [EMAIL PROTECTED] / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php