On what versions of FreeBSD can we unreserve ports?
- From: Ian G <iang@xxxxxxxxxxxxx>
- Date: Sat, 27 May 2006 15:46:56 +0200
On which versions of FreeBSD is it now possible to
un-reserve ports?
( I've been waiting for this since forever ... have
spent countless days - $$$ - trying to install
workarounds, only to junk them later. I've even
been paid a consulting gig to develop this, and
declined to deploy it on my own servers :-/ )
iang
http://askslim.blogspot.com/2006/05/freebsd-61-disabling-reserverd-ports.html
Friday, May 26, 2006
FreeBSD 6.1: Disabling Reserverd Ports
A common misfeature found on UN*X operating systems is the
restriction that only root can bind to ports < 1024. Many a
dollar has been wasted on workarounds and -often- the
resulting security holes.
Fortunately on FreeBSD 6.1 (and probably older versions as
well) you can disable this remnant of trust-by-convention.
host$ sysctl net.inet.ip.portrange.reservedhigh=0
That simple. Add it to your /etc/sysctl.conf today!
posted by Slim @ 4:18 PM
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Prev by Date: Re: FreeBSD Security Survey
- Next by Date: Re: On what versions of FreeBSD can we unreserve ports?
- Previous by thread: Re: On what versions of FreeBSD can we unreserve ports?
- Next by thread: Request for freebsd-update
- Index(es):
Relevant Pages
|
|
