Re: XFREE86 can block reserved ports
Alex Belits (abelits PHOBOS.ILLTEL.DENVER.CO.US)
Wed, 6 Aug 1997 08:35:25 -0700
- In reply to: Willy TARREAU: "XFREE86 can block reserved ports"
On Wed, 6 Aug 1997, Willy TARREAU wrote:

> Hello, and sorry if it is already known stuff.
>
> XFree86, as any X-server, uses TCP ports 6000 and above to listen to,
> waiting for incoming connections. Any user can choose his display number
> simply by starting "X :0" or "X :2500" or "X :any_display".
> The X server automatically chooses its port by adding the display number to
> 6000. But as the ports are 16-bits coded, port 65536 equals 0, so displays
> 59536 to 65535 generate listening sockets on ports 0 to 5999.
>
> And as the X-server runs suid root, any user can use it to block known ports
> before a daemon starts using it. For example, it would be possible to use
> display 59556 = port 20 to prevent ftp server from transferring data with
> remote systems.

This is one more reason to remove setuid bit from X server. xdm starts
local X server just fine.

> It is even possible to run a server on any port <= 1023
> to disable local rlogin/rsh from the local host.

Considering the level of security provided by checking outgoing port
number, creating trouble for the use of this feature can be considered a
security enhancement ;-)

--
Alex
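The 16-bit wraparound from the quoted report, next to a range check that rejects the wrapping displays, as an added C example (not XFree86 code and not part of the original thread). The function names and the ":N" argument parsing are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define X_TCP_PORT 6000UL   /* base port named in the post */

/* Behaviour described in the post: the sum is stored in a 16-bit port,
 * so anything above 65535 silently wraps into the low port range. */
static uint16_t port_truncating(unsigned long display)
{
    return (uint16_t)(X_TCP_PORT + display);
}

/* Hardened form (hypothetical helper): parse ":N" strictly and refuse any
 * display whose port would not fit in 16 bits. Returns 0 on success. */
static int port_checked(const char *arg, uint16_t *port_out)
{
    char *end;
    unsigned long display;

    /* Require ':' followed by a digit, so strtoul never sees a sign or space. */
    if (arg == NULL || arg[0] != ':' || arg[1] < '0' || arg[1] > '9')
        return -1;
    errno = 0;
    display = strtoul(arg + 1, &end, 10);
    if (errno != 0 || *end != '\0')
        return -1;                       /* overflow or trailing junk */
    if (display > 65535UL - X_TCP_PORT)
        return -1;                       /* would wrap past port 65535 */
    *port_out = (uint16_t)(X_TCP_PORT + display);
    return 0;
}

int main(void)
{
    /* Constructed sample arguments, including the displays from the post. */
    const char *samples[] = { ":0", ":2500", ":59535", ":59536", ":59556", ":65535" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint16_t port = 0;
        unsigned long d = strtoul(samples[i] + 1, NULL, 10);
        int rc = port_checked(samples[i], &port);
        printf("%-7s truncating -> %5u   checked -> %s\n", samples[i],
               (unsigned)port_truncating(d), rc == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```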