From: Brian W. Spolarich (bspolarich_at_nephrostherapeutics.com)
Date: Thu Oct 31 2002 - 16:52:06 CST
Raghu Chinthoju wrote:
> Not only on 2K, in all OS of M$, any user can open sockets using
> source ports < 1024. In all the UX flavors (as far as I know), this
> kind of security has been implemented since the primitive builds of
> the kernel.
Well, to be fair I think the underlying assumptions were somewhat different.
In the Unix world, the idea was that ports < 1024 would represent system services, and it was assumed that there would be relatively few system services and listeners per host, and that the host would be administered by folks who could be "trusted" in some sense.
So for example you have the identd service (tcp/113) whose job it is to verify the users associated with sockets. This only provides "security" if you have some faith that the owner of the box that you're querying is someone you trust. In the world where you have many users but few administrators, this might make some sense. In the world where everyone owns and manages the computer on their desk, and where the OS that runs on the server isn't that different from the OS that runs on the desktop, that makes much less sense.
And given the large number of services that are running in a typical W2K environment (check out what WinLogon does) and the fact that those relative "latecomers" (in terms of reserving a well-known port number with IANA) are well above 1024, this magic port number distinction isn't particularly meaningful.
I'm guessing it wouldn't be a big deal necessarily to implement a restriction like "only authorized users can bind listeners to ports < 1024" in the NT kernel, particularly given the rich set of policy-based permissions that NT uses (i.e. Local Security Policy). The question would be "Why? What problem does this solve?".
-bws
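The reserved-port behaviour the thread is arguing about is easy to observe directly. The script below is an added example, not part of Brian's message: it asks the kernel to bind a TCP socket to a port below 1024 and then to an ephemeral port, and reports the errno it gets back. On Linux and the BSDs an unprivileged process gets EACCES on the reserved port (on Linux the check is for the CAP_NET_BIND_SERVICE capability, not literally uid 0); on Windows both binds succeed for any user, which is the asymmetry Raghu pointed out. The port number 113 (identd) is taken from the post; the `0.0.0.0` bind address and the reading of the Linux `ip_unprivileged_port_start` sysctl are this example's own choices.

```python
import errno
import os
import socket
import sys


def try_bind(port, host="0.0.0.0"):
    """Attempt to bind a TCP socket to (host, port) and release it again.

    Returns 0 on success, otherwise the errno of the failure (EACCES is what
    a Unix kernel returns for a reserved port to a process lacking the
    privilege; EADDRINUSE means something already listens there).
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((host, port))   # port 0 asks for any ephemeral port
        return 0
    except OSError as e:
        return e.errno
    finally:
        s.close()


def privileged_port_start():
    """Lowest port an unprivileged process may bind on this host.

    Windows has no reserved range (0). Linux exposes the boundary as a sysctl
    (default 1024, read from /proc here); other Unixes hard-code 1024.
    """
    if sys.platform.startswith("win"):
        return 0
    try:
        with open("/proc/sys/net/ipv4/ip_unprivileged_port_start") as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return 1024


def describe(err):
    """Human-readable label for a try_bind() result."""
    labels = {
        0: "bound",
        errno.EACCES: "denied: reserved port, insufficient privilege",
        errno.EADDRINUSE: "address already in use",
        errno.EPERM: "denied by the OS (EPERM)",
    }
    return labels.get(err, os.strerror(err))


if __name__ == "__main__":
    uid = os.geteuid() if hasattr(os, "geteuid") else "n/a"
    print("euid=%s, unprivileged ports start at %d" % (uid, privileged_port_start()))
    for port in (113, 0):
        print("bind tcp/%d -> %s" % (port, describe(try_bind(port))))
```

Run it once as an ordinary user and once with root or CAP_NET_BIND_SERVICE (or on Windows) to see the two policies side by side. The 1024 boundary is not fixed on a modern Linux: `sysctl net.ipv4.ip_unprivileged_port_start=0` removes it entirely, which is a fair reflection of the "what problem does this solve?" question in the message above.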