Stephane Bortzmeyer wrote:
On Sun, Mar 19, 2006 at 12:42:17PM -0800,
Ned Freed <ned.freed@xxxxxxxxxxx> wrote
a message of 35 lines which said:
The privileged port concept has some marginal utility on multiuser
systems where you don't Joe-random-user to grab some port for a well
known service.
"had", not "has". The concept was invented at a time where multi-users
machines were rare and expensive monsters. So, a request coming from
source port 513 probably was "serious". Today, any highschool student
is root on his PC and therefore this protection is almost useless.
But does that student have access to the root account on servers which
are part of the networking infrastructure? Who cares if Joe User
blows up his own config. on a PC that nobody else depends on but Joe?
I find the argument flawed -- that because Joe User can be root on his
own PC,
the concept of privileged access to shared system-critical infrastructure is
somehow obsolete.
Andy
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf