- From: Alan O. Freier <freier@netscape.com>
- Date: Thu, 06 Feb 1997 09:42:09 -0800
- To: Robert.Goodwin@mcc.ac.uk
- CC: ietf-tls@w3.org
Robert Goodwin wrote: > > Ports below 1024 are treated differently under unix-like systems: only > root can initiate services on these ports[1], thus the operating system > provides for some protection against a user on the system trying to subvert > services - important particularly in the context of "secure" services. > > -- > Robert.Goodwin@mcc.ac.uk > > [1]gross oversimplification, but adequate in the circumstances I think :-) Labeling this UNIX "hack" as a security feature is incredibly irresponsible. It never was and it never will be. Anybody that relies on it for protection is security hazzard waiting to be exploited. -- Alan O. Freier Corporate Cynic <freier@netscape.com> (415) 937-3638 (work)
Received on Thursday, 6 February 1997 12:47:50 UTC