You are viewing a plain text version of this content. The canonical link for it is here.
Posted to docs-cvs@perl.apache.org by st...@apache.org on 2002/07/08 18:51:51 UTC
cvs commit: modperl-docs/src/docs/general Changes.pod multiuser.pod
stas 2002/07/08 09:51:51
Modified: src/docs/general Changes.pod multiuser.pod
Log:
add a reference to cbs, which prevents users from bind'ing to
certain ports above 1024. [Philippe M. Chiasson]
Revision Changes Path
1.8 +3 -0 modperl-docs/src/docs/general/Changes.pod
Index: Changes.pod
===================================================================
RCS file: /home/cvs/modperl-docs/src/docs/general/Changes.pod,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Changes.pod 31 May 2002 22:06:45 -0000 1.7
+++ Changes.pod 8 Jul 2002 16:51:51 -0000 1.8
@@ -37,6 +37,9 @@
* multiuser.pod
+ o add a reference to cbs, which prevents users from bind'ing to
+ certain ports above 1024. [Philippe M. Chiasson]
+
o chroot(1) info
o jail(8) info (Andrew McNaughton)
1.4 +7 -2 modperl-docs/src/docs/general/multiuser.pod
Index: multiuser.pod
===================================================================
RCS file: /home/cvs/modperl-docs/src/docs/general/multiuser.pod,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- multiuser.pod 16 Jun 2002 12:43:39 -0000 1.3
+++ multiuser.pod 8 Jul 2002 16:51:51 -0000 1.4
@@ -181,13 +181,18 @@
rival's server is listening to (e.g. using C<netstat(8)>) and
configure my own server to listen on the same port. Although I am
unable to bind to this port, imagine what will happen when you reboot
-your system and my startup script happens to be run before my rivals!
-I get the port first, now all requests will be redirected to my
+your system and my startup script happens to be run before my rival's
+one! I get the port first, now all requests will be redirected to my
server. I'll leave to your imagination what nasty things might happen
then.
Of course the ugly things will quickly be revealed, but not before the
damage has been done.
+
+Luckily there are special tools that can ensure that users that aren't
+authorized to bind to certain ports (above 1024) won't be able to do
+so. One such a tool is called C<cbs> and its documentation can be
+found at I<http://www.epita.fr/~flav/cbs/doc/html>.
=back
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-cvs-unsubscribe@perl.apache.org
For additional commands, e-mail: docs-cvs-help@perl.apache.org