Bugtraq mailing list archives

Re: Is starting a user program on priv port via inetd dangerous ?
From: jmc () gnu ai mit edu (jmc () gnu ai mit edu)
Date: Fri, 22 Jul 1994 14:19:45 -0400 (EDT)



Your average BSD rlogind will check the port the connection comes from, so
I assume they all do when they come from your trusty vendor, to make sure
it is within the range 512 to 1024, or more precisely, the upper half of
whatever it believes is the range for privileged ports to be (there's a
kernel variable on Solaris2 for this...I'm curious about what happens when
this becomes 0 :-)

So straight away, this puts 194 out of the market.

What if it were 594 ?


And then there's the case of tcp/ip implementations that come with no
such meaning, i.e. I can bind any port I want on those. IBM's tcp/ip
for VM does this, most PCs do this, etc. The problem with VM's is
that unlike the PC generally, it comes with a complete bsdish
networking library. So, it's relatively easy to spoof sockets from
these then, i.e. don't put mainframes in your .rhosts :-) (I have
seen people do this).

James
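
The source-port test described in the message above, written out as an added example; it is not part of the original post and is not any vendor's rlogind source. The names `peer_with_port`, `source_port_trusted` and `RESERVED_LIMIT` are hypothetical, and the limit is a parameter only so that other privileged ranges can be tried.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit: same value as IPPORT_RESERVED on BSD-derived systems. */
#define RESERVED_LIMIT 1024u

/* Constructed sample input: a peer address as accept() would return it,
 * with sin_port in network byte order. */
static struct sockaddr_in peer_with_port(unsigned short port)
{
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    return sa;
}

/* Returns 1 if the source port lies in the upper half of the privileged
 * range, [limit/2, limit), and 0 otherwise. With limit 0 that range is
 * empty, so this function rejects every port. */
static int source_port_trusted(const struct sockaddr_in *from, unsigned limit)
{
    unsigned port;
    if (from->sin_family != AF_INET)
        return 0;
    port = ntohs(from->sin_port);  /* compare in host byte order */
    if (port >= limit || port < limit / 2)
        return 0;
    return 1;
}

int main(void)
{
    const unsigned short samples[] = { 194, 511, 512, 594, 1023, 1024 };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct sockaddr_in sa = peer_with_port(samples[i]);
        printf("port %4u: %s\n", (unsigned)samples[i],
               source_port_trusted(&sa, RESERVED_LIMIT) ? "accepted" : "rejected");
    }
    return 0;
}
```

The check only establishes that the peer used a low port number. It says something about the peer's privilege only when the peer's operating system restricts who may bind those ports, which is the limitation the message raises for VM and PC stacks.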


