On Mon, 14 Jan 2002, Philip Hazel wrote:
> In fact, I propose to make the test "stdin is a socket and EITHER the
> port is privileged OR the caller is root or the Exim user".
i'm not really following the thread, but am i on a very wrong path
when i think this doesn't much make sense with the emerging of such
techniques as capabilities on linux ? (i think there have been
something like this on freebsd for quite some time). employing
capabilities, the administrator can grant certain processes/users the
privilege to bind to privileged ports even when the process is not
running as root. this just makes me think that making a distinction
based on "user is root and port is privileged" is a false path, at
least in this particular case. no ?
i don't have any better suggestions, though, so i'm going to duck...
