On what versions of FreeBSD can we unreserve ports?
Ian G
iang at iang.org
Sun May 28 04:46:15 PDT 2006
Patrick Proniewski wrote:
> On 27 mai 2006, at 15:51, Ian G wrote:
>
>> On which versions of FreeBSD is it now possible to
>> un-reserve ports?
>
>
>> host$ sysctl net.inet.ip.portrange.reservedhigh=0
>
>
>
> According to freebsd web site, it has first came with 5.1R (http://
> www.freebsd.org/releases/5.1R/relnotes-i386.html). By the way, you
> might want to take a look to MAC implementation, and especially:
> http://www.freebsd.org/cgi/man.cgi?query=mac_portacl&sektion=4
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac.html
From link above:
"It is now possible to specify the range of ``privileged ports''
(TCP and UDP ports that require superuser access to bind(2) to).
The range is now specified with the net.inet.ip.portrange.reservedlow
and net.inet.ip.portrange.reservedhigh sysctl variables, defaulting
to the traditional UNIX behavior. This feature is intended to help
network servers bind to traditionally privileged ports without
requiring superuser access. ip(4) has more details."
Thanks!
iang
More information about the freebsd-security
mailing list