Re: bind() - Old/Current behaviour - Change?

From: David Lang (david.lang@digitalinsight.com)
Date: Mon Oct 23 2000 - 12:50:29 EST

Next message: Richard B. Johnson: "Re: Topic for discussion: OS Design"
Previous message: Rob Andrews: "Lockup on IDE HPT370 when changing DMA mode."
In reply to: Andrey Savochkin: "Re: bind() - Old/Current behaviour - Change?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----

I was thinking about this problem late last week and would like to throw
out a off-the-wall proposal.

for a dedicated server (no end-user logins) how about making a kernel
compile option that removes the 'only root can bind to ports <1024' limit?

this would allow programs that now need to run as root to bind the port to
just run as a normal user from the start.

comments?

David Lang

On Mon, 23 Oct 2000, Andrey Savochkin wrote:

> Date: Mon, 23 Oct 2000 19:11:46 +0800
> From: Andrey Savochkin <saw@saw.sw.com.sg>
> To: Cefiar <cefiar1@optushome.com.au>
> Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
> Subject: Re: bind() - Old/Current behaviour - Change?
>
> Hello,
>
> On Sat, Oct 21, 2000 at 05:23:10PM +1000, Cefiar wrote:
> >
> > I'm happy with that - still produces the required effect and removes bloat
> > from kernel space. Also means it should be easy to revert to default behavior.
> >
> > My original idea was basically a wrapper much like the way chroot works.
> > Being able to lock things in some state that was more appropriate for the
> > program in question. I know that when I set up named/bind on a 2.2 system I
> > set up with a chroot environment, every time an interface changed state, we
>
> You may wish to look at
> ftp://ftp.nc.orc.ru/pub/Linux/people/saw/bindd
> I designed it a long time ago to support programs like bind which are not
> trusted to run with high privilages but still need privileged ports.
>
> > had to restart named so that it could re-bind to the addresses. Being able
> > to lock the state of those addresses in some way would be brilliant, wether
> > it's the default or not.
>
> What do you mean under "lock the state"?
>
> Best regards
> Andrey
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> Please read the FAQ at http://www.tux.org/lkml/
>

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQEVAwUBOfR6aD7msCGEppcbAQE3QAgApFj0GXTzyZsp97ugt4GoRFoRqWLeI1Sn
RCPU17etx/KMVlP+Ax5AezBxU6O2JL1i14NFufGDgXj8uj7nmWur0wrwKOKGFhFm
kHEY223SoS46XBreMllBq1glTX7vWIAnKGJnTL3RJa3XIJzoNl6RogN0Kpk/nG8N
PVpjU2DeR1SKEpg/8O59MPjgtABtK46+7q1Q/aYsWNNOfnEYavffQikTcHXxDMXM
o9wbs7T92OLkHHiLx33nj+s/pMyPo9NfkLMgsuK3zmXdTXCEosDFcdiJ88ArL5x1
f9zi4PdKUaDtU4LA4MS7B9a0TBsGpLRonsNOYTvH2iyWe7LlymkahQ==
=sS3A
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard B. Johnson: "Re: Topic for discussion: OS Design"
Previous message: Rob Andrews: "Lockup on IDE HPT370 when changing DMA mode."
In reply to: Andrey Savochkin: "Re: bind() - Old/Current behaviour - Change?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon Oct 23 2000 - 21:00:21 EST