Re: Guidance needed on well known ports
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Guidance needed on well known ports
Stephane Bortzmeyer wrote:
On Sun, Mar 19, 2006 at 12:42:17PM -0800,
Ned Freed <ned.freed at mrochek.com> wrote
a message of 35 lines which said:
The privileged port concept has some marginal utility on multiuser
systems where you don't Joe-random-user to grab some port for a well
known service.
"had", not "has". The concept was invented at a time where multi-users
machines were rare and expensive monsters. So, a request coming from
source port 513 probably was "serious". Today, any highschool student
is root on his PC and therefore this protection is almost useless.
But does that student have access to the root account on servers which
are part of the networking infrastructure? Who cares if Joe User
blows up his own config. on a PC that nobody else depends on but Joe?
I find the argument flawed -- that because Joe User can be root on his
own PC,
the concept of privileged access to shared system-critical infrastructure is
somehow obsolete.
Andy
_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
Note Well: Messages sent to this mailing list are the opinions
of the senders and do not imply endorsement by the IETF.
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
