On Sun, Mar 13, 2005 at 11:00:27AM -0500, Rik van Riel wrote:
> On Sun, 13 Mar 2005, Kurt Garloff wrote:
> > Why not just require the other end of the socket to be below 1024?
> > If you bind to localhost, that should be enough.
> Because the ability to open connections from ports < 1024
> is a capability, which can be retained by daemons after
> dropping the other root privileges.
But I don't see a problem with this.
Kurt Garloff <kurt@xxxxxxxxxx> [Koeln, DE]
Physics:Plasma modeling <garloff@xxxxxxxxxxxxxxxxxxx> [TU Eindhoven, NL]
Linux: SUSE Labs (Director) <garloff@xxxxxxx> [Novell Inc]
Description: PGP signature