Casey Schaufler wrote:
How do you protect ports greater than 1024 from any user binding to them?
E.g. port 1080.
Should the OS manage port number allocations? I don't think so
based on the notion of ports being names in an uncontrolled flat
namespace. The whole problem is that people want to ma
Phillip Susi wrote:
Mikael Ståldal wrote:
And how do you protect ports >1024 from any user binding to them?
You prevent users from binding to those ports by only giving
applications that need to the capability, and only letting the users
that need to have execute permission to th
Radoslaw Szkodzinski (AstralStorm) wrote:
In Linux you have to be root in order to listen to TCP or UDP ports below 1024 (the
well-known ports). As far as I know, this limit is hardcoded in the kernel.
The proper way to enable port <= 1024 binding support is adding CAP_NET_BIND_SERVICE to
> t
In Linux you have to be root in order to listen to TCP or UDP ports below 1024 (the
well-known ports). As far as I know, this limit is hardcoded in the kernel.
In some cases, this limit does more harm than good, so it would be nice to be
able to adjust it.
FreeBSD has a pair of sysctl parameter
4 matches