MOO-cows Mailing List Archive


Re: Fun with FUP and root.

> I've got a solution that'd allow you to not ever need root
> perms in the MOO server and still get low port numbers.  How
> about a simple program that runs outside the MOO with root
> perms that simple routes from 80 to say 8000 or something
> usable by the MOO.  Make the router invisible to both sides
> and I think it'd work with a minimal of performance loss, and
> a LOT less security loss.

If you're running a recent Linux kernel, you can use the IP
firewalling tools to play games with port numbers---for example, route
all TCP connections from port 80 to port 1180.  Other firewalls may be
able to do this as well.

A pure Unix solution that I'd feel better about is to write a little
program called moo-ports, invoked something like this:

  moo-ports --uid moo-srv --ports "25 80 119" --exec ./moo

which would bind ports 25, 80, and 119, set some environment variable
to indicate which file descriptors went with which ports, throw away
privs and exec the ./moo server.  When it was time for the server to
listen() on port 25, it'd notice that it already had a file descriptor
ready for that and just use it.

This keeps the code running with root perms to a minimum, and
gets rid of suid anything.
Jay Carlson

Flat text is just *never* what you want.   ---stephen p spackman


Home | Subject Index | Thread Index