Re: solution: running DNS as non-root
I just noticed this from the NetBSD kernel options man page:
options IPNOPRIVPORTS
Normally, only root can bind a socket descriptor to a so-called
``privileged'' TCP port, that is, a port number in the range 0-1023.
This option eliminates those checks from the kernel. This can be useful
if there is a desire to allow daemons without privileges to bind those
ports, e.g. on firewalls. The security tradeoffs in doing this are subtle.
This option should only be used by experts.
Aaron Jackson jackson@msrce.howard.edu
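
A way to check, from an unprivileged account, whether a running kernel still applies the privileged-port check the man page text above describes. This is an added example, not part of the original message or of NetBSD; the names classify and probe, the loopback address and the default port 1023 are assumptions chosen for illustration.

```c
/* Added example: does this kernel refuse a non-root bind() below port 1024? */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

enum verdict { ENFORCED, NOT_ENFORCED, INCONCLUSIVE };

/* Interpret one bind() attempt on a port in the range 1-1023. */
enum verdict classify(uid_t euid, int rc, int err)
{
    if (euid == 0) return INCONCLUSIVE;   /* root passes the check either way */
    if (rc == 0) return NOT_ENFORCED;     /* unprivileged bind succeeded */
    if (err == EACCES) return ENFORCED;   /* kernel refused: check is active */
    return INCONCLUSIVE;                  /* e.g. EADDRINUSE proves nothing */
}

/* Try to bind a TCP socket on 127.0.0.1:port and classify the outcome. */
enum verdict probe(int port)
{
    struct sockaddr_in sa;
    int fd, rc, err;
    if (port < 1 || port > 1023)
        return INCONCLUSIVE;              /* port 0 requests an ephemeral port */
    fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return INCONCLUSIVE;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons((unsigned short)port);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    rc = bind(fd, (struct sockaddr *)&sa, sizeof sa);
    err = errno;
    close(fd);                            /* never listens; released at once */
    return classify(geteuid(), rc, err);
}

int main(int argc, char **argv)
{
    static const char *msg[] = { "privileged-port check enforced",
        "privileged-port check NOT enforced", "inconclusive" };
    int port = argc > 1 ? atoi(argv[1]) : 1023;  /* 1023: arbitrary default */
    puts(msg[probe(port)]);
    return 0;
}
```

A "NOT enforced" result from a non-root account is the condition to flag on hosts that assume only root-started daemons can hold ports below 1024.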