Stephane Bortzmeyer wrote: > On Sun, Mar 19, 2006 at 12:42:17PM -0800, > Ned Freed <ned.freed@xxxxxxxxxxx> wrote > a message of 35 lines which said: > > >> The privileged port concept has some marginal utility on multiuser >> systems where you don't Joe-random-user to grab some port for a well >> known service. >> > > "had", not "has". The concept was invented at a time where multi-users > machines were rare and expensive monsters. So, a request coming from > source port 513 probably was "serious". Today, any highschool student > is root on his PC and therefore this protection is almost useless. >
But does that student have access to the root account on servers which are part of the networking infrastructure? Who cares if Joe User blows up his own config. on a PC that nobody else depends on but Joe?
But if nobody has local access to these servers, why is it is necessary or useful for servers to run with root access in order to bind to these ports? This is why I referred to the utility of this feature as marginal. Its realm of utility is being squeezed on one side by the trend to run critical network services on tightly locked down systems rather than on multiuser machines, and on the other by users who want to run their own stuff doing so on their own machines. I simply don't have enough insight into global usage patterns to agree totally with Staphane's asssrtion that this now has no utility at all. But I think the trends are pretty clear.
I find the argument flawed -- that because Joe User can be root on his own PC, the concept of privileged access to shared system-critical infrastructure is somehow obsolete.
I don't think anyone is claiming that such access needed to be protected. The issue is rather that the specific mechanism of requiring root can have an amplifying effect on holes in applications, changing them from a threat to the application to a way to attack the entire server the application runs on. Ned _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf