LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Articles > Technical
User Name
Password

Notices

By mikaelstaldal at 2007-11-01 08:08

In Linux, and other UNIX-like systems, you have to be root (have superuser privileges) in order to listen to TCP or UDP ports below 1024 (the well-known ports).

This port 1024 limit is a security measure. But it is based on an obsolete security model and today it only gives a false sense of security and contributes to security holes. Therefore, it should be removed. As soon as possible.

The port 1024 limit forces you to run all network daemons with superuser privileges, which might open security holes. Without the port 1024 limit, most network daemons (except sshd), could be run without superuser privileges. Some daemons try to remedy this potential security hole by handling each connection with an unprivileged process/thread, but you still need the privileged listener process. And as far as I know, this trick does not work for UDP.

Today the typical Linux machine is not used in a way which makes the port 1024 limit relevant. We tend to use it as a desktop client (workstation) with only one user which has superuser access via sudo. In the desktop case the limit is a source of frustration since you have to use sudo more often than necessary.

Or you use it as a firewall, router or web/database/DNS/mail/news server and then only trusted administrators can login at all. The database or web application has it's own user account system separate from the system's and these untrusted users cannot install any daemons at all.

And even if you use a Linux machine in a way where the port 1024 limit could be useful, i.e. allowing untrusted users to login, you'd better not count on it. If a malicious user can login to a normal unprivileged account, it might be possible to exploit some security hole and gain superuser access. So if you allow untrusted users to login to a Linux machine, you should not use that machine for anything else and the daemons running on that machine should not be trusted.

The port 1024 limit actually bites itself in the tail. It forces a daemon practice that might open security holes which make the limit ineffective as a security measure.

I do not blame those who invented the port 1024 limit, it was a natural and important security feature given how UNIX machines were used in the 1970's and 1980's. A typical UNIX machine allowed a bunch of not necessarily fully trusted people to log in and do stuff. You don't want these untrusted users to be able to install a custom daemon pretending to be a well-known service such as telnet or ftp since that could be used to steal passwords and other nasty things.

The port 1024 limit is part of the same security model that gave us the rlogin authentication. That security model is based on the assumption that every machine (but not every user) on the network can be trusted, that only trusted users have root access to any network connected machine and that all network connected machines have the same port 1024 limit.

It is well-known that this security model is obsolete and totally useless on the public Internet today. Virtually anyone can connect a computer to the pubic Internet and have root access, and there is at least one popular operating system without this port 1024 limit - Microsoft Windows.

Because of this, no sensible person uses rlogin authentication on an Internet connected network today (at least not without being protected by a carefully configured firewall). But the port 1024 limit is still there in Linux and most other UNIX style systems. I wonder why. Isn't it time to declare the port 1024 limit as obsolete too and remove it?


by billymayday on Tue, 2008-02-26 03:17
Quote:
Today the typical Linux machine is not used in a way which makes the port 1024 limit relevant. We tend to use it as a desktop client (workstation) with only one user which has superuser access via sudo.
Which distros other than the Ubuntu family follow this model? Might be popular, but typical?

by chrism01 on Wed, 2008-07-09 02:34
There's a lot of Linux servers out there, and more being installed all the time.
In fact, many articles have posited that the main incursion is to replace other Unix servers, rather than MS...


  



All times are GMT -5. The time now is 06:44 PM.

Main Menu
Advertisement

My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration