Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!purdue!bu-cs!bzs
From: bzs@bu-cs.BU.EDU (Barry Shein)
Newsgroups: comp.unix.wizards
Subject: Re: 3 line fix for forged mail
Message-ID: <31760@bu-cs.BU.EDU>
Date: 25 May 89 03:36:03 GMT
References: <1136@altos86.UUCP> <17719@mimsy.UUCP>
Organization: Boston U. Comp. Sci.
Lines: 27


>Privileged ports are a BSD-specific concept.  Sendmail, unlike rlogin,
>uses a protocol that is not BSD-specific.
>-- 
>In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)

That's not true, TOPS-20 certainly had priviliged ports before the BSD
internet releases. One problem was that TOPS-20 considered ports below
512 priviliged while BSD upped that to 1024 which doesn't work very
well as a unilateral change since non-priv'd users on TOPS-20 systems
still had access to the ports 512..1023.

At any rate it's all pretty much a red herring since anyone with root
access on their workstation or a PC implementation can get to the low
numbered and reserved ports. It's a relic of the days when computers
meant big time-sharing systems with very limited access to priv'd
accounts so priv'd ports gave some protection. Today anything that
relies on no one on your net being able to get to root on their
machine is doomed. I suppose it could be argued that in some specific
environments this would afford some more protection (eg. student
time-sharing systems with no workstations on the network, sigh.)

-- 
	-Barry Shein

Software Tool & Die, Purveyors to the Trade
1330 Beacon Street, Brookline, MA 02146, (617) 739-0202