Recent searches
Search options
Linux really needs to remove the “privileged ports” security theater bullshit.
We’re no longer living in the mainframe era. The security properties of the Internet are different to mainframes. This is actually an anti-feature that either complicates life or actually compromises security (when folks run servers as root and forget to drop privileges , etc.).
If anyone has any sway within the kernel team, etc., please do your thing.
@aral how is it theatre? For example when I have to expose ssh to the internet I usually use port 2022 because at least that's one more layer of security, in case someone gets user access to the system and are able to crash the ssh service they can't start their own service that harvests passwords because it was on a privileged port.
@stemid Please see the linked page (and the articles linked to that) :)
@aral @stemid I mean, there's just plenty of solutions. From what I read in your article you have found one through modifying a kernel parameter. Which means that the mechanism is implemented. It's just not enabled by default.
I see lots of workarounds to your problem and Linux in itself doesn't prevent one from achieving the behavior you're looking for.