In message <E12Iwlj-0004MM-00@taurus.cus.cam.ac.uk>, Peter Benie writes:
+-----
| Matthew Kirkwood writes ("Re: Capabilities"):
| > > Capabilities don't solve the inability to change which port is bound
| > > since cap_net_bind_service is equivalent to root on most machines.
| >
| > Please explain? If bind has only CNBS and runs as user "named",
| > then there is no root equivalence that I can see.
|
| If you can bind to low numbered ports, you can fake credentials for
| rsh or rlogin. From there, you can get to root on many machines
+--->8
I can do that from a Windows PC, if necessary spoofing packets from a
legitimate host. So?
Anyone who doesn't disable or severely restrict the r-commands is begging
for trouble: *they* are the security holes here, not CNBS.
--
brandon s. allbery os/2,linux,solaris,perl allbery@kf8nh.apk.net
system administrator kthkrb,heimdal,gnome,rt allbery@ece.cmu.edu
carnegie mellon / electrical and computer engineering kf8nh
We are Linux. Resistance is an indication that you missed the point.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Feb 15 2000 - 21:00:18 EST