Re: www user than root
From: Bruce M Simpson (bms_at_spc.org)
Date: 06/22/05
- Previous message: Mrad James Deane: "www user than root"
- In reply to: Mrad James Deane: "www user than root"
- Next in thread: Marco Molteni: "Re: www user than root"
- Reply: Marco Molteni: "Re: www user than root"
- Reply: Maxim Konovalov: "Re: www user than root"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 22 Jun 2005 16:14:06 +0100 To: Mrad James Deane <xtremejames183@msn.com>
On Wed, Jun 22, 2005 at 05:01:17PM +0200, Mrad James Deane wrote:
> hello i want to know how the www user with uid:80 can print on a priviliged
> port like 80 rather the root user im very in trouble i did not find a
> solution yet mac_portacl is one but it is very experimental please help.
> thanks
I think you may have meant 'bind' rather than 'print' here?
Anyway, the way they used to do this back in the day on Linux at least was
to hack the socket code to allow binds to privileged ports by certain
users/groups rather than relying solely on the super-user check.
You could do something like this in FreeBSD 5-STABLE by hacking the
in_pcbbind_setup() function in src/sys/netinet/in_pcb.c to not just
call suser_cred(), but to instead perform a group check, by calling
groupmember(some_privileged_socket_group, cred).
Regards,
BMS
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Mrad James Deane: "www user than root"
- In reply to: Mrad James Deane: "www user than root"
- Next in thread: Marco Molteni: "Re: www user than root"
- Reply: Marco Molteni: "Re: www user than root"
- Reply: Maxim Konovalov: "Re: www user than root"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
