-----Original Message-----
From: David Lang <dlang@diginsite.com>
To: Anthony Barbachan <barbacha@Hinako.AMBusiness.com>
Cc: Stefan Monnier
<monnier+lists/linux/kernel/news/@TEQUILA.SYSTEMSZ.CS.YALE.EDU>; Adam
Sulmicki <adam@cfar.umd.edu>; linux-kernel@vger.rutgers.edu
<linux-kernel@vger.rutgers.edu>
Date: Thursday, October 15, 1998 2:23 PM
Subject: Re: setting access rights to priviledged ports
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Linux has this with the ipfwadm transparent proxy capability (I assume
>that ipchains has similar support as well) the line is similar to the one
>below
>
>ipfwadm -I -a accept -r 10025 -p tcp -S 0.0.0.0/0 -D (youtIP)/32 25
>
>set sendmail to use port 10025 and you are done.
>
>David Lang
>
>
>On Wed, 14 Oct 1998, Anthony Barbachan wrote:
>
>> Date: Wed, 14 Oct 1998 21:01:02 -0400
>> From: Anthony Barbachan <barbacha@Hinako.AMBusiness.com>
>> To: Stefan Monnier
> <monnier+lists/linux/kernel/news/@TEQUILA.SYSTEMSZ.CS.YALE.EDU>,
> Adam Sulmicki <adam@cfar.umd.edu>
>> Cc: linux-kernel@vger.rutgers.edu, adam@cfar.umd.edu
>> Subject: Re: setting access rights to priviledged ports
>>
>> An alternative is to write a small socket redirecting program to redirect
>> traffic from one port to another. This is doable as I have done it
myself
>> to not only work locally but also to a completely different machine.
This
>> program could be installed on socket 25 and have it redirect requests to
a
>> user process available port where you could install your suided sendmail
>> program.
>>
>> -----Original Message-----
>> From: Adam Sulmicki <adam@cfar.umd.edu>
>> To: Stefan Monnier
>> <monnier+lists/linux/kernel/news/@TEQUILA.SYSTEMSZ.CS.YALE.EDU>
>> Cc: linux-kernel@vger.rutgers.edu <linux-kernel@vger.rutgers.edu>;
>> adam@cfar.umd.edu <adam@cfar.umd.edu>
>> Date: Wednesday, October 14, 1998 10:08 AM
>> Subject: Re: setting access rights to priviledged ports
>>
>>
>> >Stefan Monnier writes:
>> >->
>> >->I seem to remember people working on a "thingie" that would allow
>> >->the sysadm to say that port 25 can be opened by user 'mail' so that
>> >->sendmail can be made setuid-mail (and so on for news, dns, ...)
>> >->
>> >->Does such a thing exist ?
>> >
>> >The thing closest to it which is actually in linux kernel (2.1.x)
>> >is "Capabilties". But it is not a fine grained as you ask. It would let
>> >you give privilage to 'access ports'
>> >
>> >IIRC.
>> >The thing you talk about was 'chown port' patch, which used to
>> >map ports onto filesystem and use chown to change them at will.
>> >I did not made into kernel
>> >
>> >Adam
>> >
>> >-
>> >To unsubscribe from this list: send the line "unsubscribe linux-kernel"
in
>> >the body of a message to majordomo@vger.rutgers.edu
>> >Please read the FAQ at http://www.tux.org/lkml/
>> >
>>
>>
>>
>> -
>> To unsubscribe from this list: send the line "unsubscribe linux-kernel"
in
>> the body of a message to majordomo@vger.rutgers.edu
>> Please read the FAQ at http://www.tux.org/lkml/
>>
>
>-----BEGIN PGP SIGNATURE-----
>Version: PGP for Personal Privacy 5.0
>Charset: noconv
>
>iQEVAwUBNiZIBj7msCGEppcbAQG7Uwf/XYt497sXzHzUhxOq0L1acppV3JZr9cRi
>/N+DaA0+loiBGHfh8aCkt3g1GWC3ZhX2bbyO/Mopf3CBEH1ero8LY7t4UZpS7TUn
>pOdgDyQXE2iZ+YTor2P3J6Un0RvkJGztY7f/6k7LOuwR+5XZUU6PFcS72Xghqkws
>aqMsaqxZC0UMYzK88CLrT0CZjGGISgDlUCE8eZ28IBdpMBjog0sWNWAe0MZMwY+p
>8vvg7LRXd8jKhX5UZA1f5zM156tu8Ie+BoqBb28zMQermKG+NTfHL+GOg0G6ajJw
>E+60v7D+CPwVUf3AnFoUmjVG41Lgp2xGwFdaxVGZDufRUXZ7Lt/x3g==
>=6ySM
>-----END PGP SIGNATURE-----
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/