I think that the following sysctls do the trick

[EMAIL PROTECTED] sysctl net|grep reserv
net.inet.ip.portrange.reservedhigh: 1023
net.inet.ip.portrange.reservedlow: 0

marco
According to that, one could lower the reservedhigh value to 79, or increase the reservedlow to 81, but I don't think it would be secure enough. The hack that Bruce mentioned would be secure, but not too impressive. I've seen the RBAC (Role-based access control) in Solaris 10 and it did it nicely. It would be nice to have such feature in FreeBSD. Or even in TrustedBSD as an experimental project, and it might be merged later if it seems to be stable.

Cheers,

Gábor Kövesdán
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to