On Mon, Dec 24, 2007 at 12:04:16AM +0100, Tomasz Ostrowski wrote:
>
> Not at all, as it won't run as root, it'll just start as root and
> then give up all root privileges. The only thing it would have after
> being root is just an open socket.
If you think that is complete protection against privilege escalation, I
encourage you to read some more bugtraq archives.
The answer to MITM attacks is not superuser-reserved ports anyway. The
privileged port idea was a bad one in retrospect. The answer is strong
authentication.
A
