Binding ssh to privileged port breaks rule (port < 1024 => system service)
sen_ml at eccosys.com
Tue Feb 15 00:42:11 EST 2000

Ola> o It breaks firewall rules that assume that user connections start at
Ola> port > 1024 or > 32768.

bad assumption on the part of the rule writer.

Ola> o It breaks monitoring software using the same assumptions.

bad assumption on the part of the software author.

Ola> o Every suid program is a separate evil (caused by the flawed security
Ola> model in most unices).

using setuid properly is hard, but setuid is not evil, imo.

More information about the openssh-unix-dev mailing list