
Re: Security: FreeBSD vs OpenBSD

> I'm curious as to the development community's reaction
> to this claim.  I recently (and quite accidentally)
> started a thread on the Nessus list about running
> Nessusd under a non-root user and the upshot is that a
> lot of exploits need to try low ports and such, so
> Nessusd is not really effective if it runs without
> that capability.  Nmap needs root too and Nessus needs
> Nmap.

Nmap is a totally separate issue.  Nmap needs root because it needs to
have a raw interface to the socket so it can create its whacky
packets.  Letting users do that is probably not good.  Letting
non-root users bind to port 80, however, is a good thing.  Those old
restrictions no longer serve any positive security purpose and they
mean that a weakness in any of the standard servers (web, mail, ssh,
pop, anything) can result in a root compromise.  It's all downside
and no upside that I am aware of.

> Is this really a legacy decision that should be
> canned?

Yes.  They are a hold-over from days long-gone.  Many on the OpenBSD
group are very traditionalist however.

From a capabilities point of view, the idea would be to have "bind
to Port X" be its own capability.  That would be the right way to
segregate things.
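
Added example, not part of the original message: a small Python model contrasting the traditional "uid 0 for ports below 1024" rule with a per-port bind grant of the kind proposed above. The rule strings use the `idtype:id:protocol:port` layout of FreeBSD's mac_portacl(4); the evaluation logic, the function names, the sample uids/gids and the choice to give root no exemption are assumptions of this simplified model, not kernel behaviour.

```python
from typing import NamedTuple

RESERVED_MAX = 1023  # ports below 1024 are the traditional "root only" range


class Grant(NamedTuple):
    idtype: str   # "uid" or "gid"
    ident: int
    proto: str    # "tcp" or "udp"
    port: int


def parse_rules(text: str) -> list[Grant]:
    """Parse 'uid:80:tcp:80,gid:25:tcp:25' into Grant tuples, rejecting bad fields."""
    grants = []
    for item in filter(None, (s.strip() for s in text.split(","))):
        parts = item.split(":")
        if len(parts) != 4:
            raise ValueError(f"malformed rule: {item!r}")
        idtype, ident, proto, port = parts
        if idtype not in ("uid", "gid") or proto not in ("tcp", "udp"):
            raise ValueError(f"bad idtype/protocol in {item!r}")
        if not ident.isdecimal() or not port.isdecimal() or not 0 < int(port) <= 65535:
            raise ValueError(f"bad id/port in {item!r}")
        grants.append(Grant(idtype, int(ident), proto, int(port)))
    return grants


def legacy_may_bind(uid: int, port: int) -> bool:
    """Traditional rule: only uid 0 may bind a reserved port."""
    return port > RESERVED_MAX or uid == 0


def capability_may_bind(grants, uid, gids, proto, port) -> bool:
    """Per-port rule: a reserved port needs an explicit grant (assumed: no root exemption)."""
    if port > RESERVED_MAX:
        return True
    for g in grants:
        if (g.proto, g.port) != (proto, port):
            continue
        if (g.idtype == "uid" and g.ident == uid) or (g.idtype == "gid" and g.ident in gids):
            return True
    return False


# Constructed policy: a web uid (80) gets tcp/80 and tcp/443, a mail gid (25) gets tcp/25.
SAMPLE = parse_rules("uid:80:tcp:80,uid:80:tcp:443,gid:25:tcp:25")
```

Under the legacy rule the web server must hold uid 0 at bind time; under the per-port grants it binds tcp/80 as uid 80 and holds no right to any other reserved port.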