Re: [linux-security] Configuration for binding to "secure" ports?
- From: Malcolm Beattie <mbeattie sable ox ac uk>
- To: linux-security redhat com
- Subject: Re: [linux-security] Configuration for binding to "secure" ports?
- Date: Fri, 29 May 1998 12:30:03 +0100 (BST)
Lamar Owen writes:
> I began to think -- what if there was a way to configure the kernel to
> allow a non-root program to listen on a particular "secure" port --
> then I wouldn't have to start various and sundry network daemons as
> root, just to have them seteuid to another user after acquiring the
> port.
[...]
> reasons prohibit me at this time. So, I am currently stuck at 2.0.x,
> which has no such 'capabilities' (bad pun).
I've written a "socket filesystem" for 2.0 that lets you set
user/group and permissions on ports less than 1024 simply by doing
things like

    chown named /sockfs/53
    chown ldap /sockfs/389

There's a small kernel patch (which changes the "check for <1024"
socket bind test to call out to a separate function) and a sockfs.o
filesystem module. You do

    insmod sockfs.o
    mount -t sockfs sockfs /sockfs

and then the appropriate "write" permission bit on the (fake) file
/sockfs/n determines whether owner/group/other can bind to port n.
It's available from

    ftp://ftp.ox.ac.uk/pub/linux/sockfs-a1.tar.gz

and is only 6K. It's alpha1 as its name implies and only lightly
tested but it's really very simple.
--Malcolm
--
Malcolm Beattie <mbeattie sable ox ac uk>
Unix Systems Programmer
Oxford University Computing Services
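
An added illustration, not part of the message above and not code from sockfs: a user-space C model of the check the message describes, where the write bit on /sockfs/n for the caller's owner/group/other class decides whether a bind to port n is allowed. The struct and function names are hypothetical, and the class-selection order (standard Unix file semantics), the root bypass and the denial for ports with no entry are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>

#define PROT_SOCK 1024  /* local constant: ports below this are "secure" */

/* Hypothetical model of one /sockfs/n entry: owner, group, mode bits. */
struct port_entry { uid_t uid; gid_t gid; mode_t mode; };
/* Hypothetical model of the process calling bind(). */
struct caller { uid_t euid; gid_t egid; const gid_t *groups; size_t ngroups; };

static bool in_group(const struct caller *c, gid_t gid)
{
    if (c->egid == gid) return true;
    for (size_t i = 0; i < c->ngroups; i++)
        if (c->groups[i] == gid) return true;
    return false;
}

/* Exactly one class applies, as for files: an owner without the write
 * bit is denied even when group or other would be allowed. */
bool may_bind(unsigned port, const struct port_entry *e, const struct caller *c)
{
    if (port >= PROT_SOCK) return true;      /* unprivileged port range */
    if (c->euid == 0) return true;           /* assumption: root may always bind */
    if (e == NULL) return false;             /* assumption: no entry, no access */
    if (c->euid == e->uid) return (e->mode & 0200) != 0;
    if (in_group(c, e->gid)) return (e->mode & 0020) != 0;
    return (e->mode & 0002) != 0;
}

/* Constructed sample data: the uids and gids are made up for this example. */
const struct port_entry port53  = { 25, 25, 0200 };  /* like: chown named /sockfs/53 */
const struct port_entry oddmode = { 25, 25, 0022 };  /* owner bit clear, others set */
const struct caller named = { 25, 25, NULL, 0 };
const struct caller ldap  = { 55, 55, NULL, 0 };
const struct caller root  = { 0, 0, NULL, 0 };

int main(void)
{
    printf("named -> 53: %d\n", may_bind(53, &port53, &named));
    printf("ldap  -> 53: %d\n", may_bind(53, &port53, &ldap));
    printf("named -> 53 (mode 022): %d\n", may_bind(53, &oddmode, &named));
    printf("ldap  -> 8080: %d\n", may_bind(8080, NULL, &ldap));
    return 0;
}
```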