[Nix-dev] Can non-root users open new ports?
Cai Chen
ecaichen at gmail.com
Sat Jun 1 21:22:47 CEST 2013
Alright, I will give it a shot. Thank you for helping out!
Best,
Cai
On Saturday, June 1, 2013, Vladimír Čunát wrote:
> On 06/01/2013 09:07 PM, Cai Chen wrote:
>
>> Thank you, Vlad. I think leaving non-privileged ports (above 1024) wide
>> open has serious security implication. People still can ping ip:port and
>> knock the server down. Is my concern valid? Is there a way to secure our
>> nixos server but still give our non-root users ability to open any port
>> above 1024?
>>
>
> Many don't consider that a security problem (including me)... you can read
> that in the link I sent :-)
>
> Users have to open the ports and the attacker could only gain privileges
> of the user in the worst case (if the user ran something dangerous on the
> port). I suppose it depends on what you do on the machine.
>
> Vlada
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20130601/26a98648/attachment-0001.html
More information about the nix-dev
mailing list