Re: Liberating locked up ports
Re: Liberating locked up ports
- Subject: Re: Liberating locked up ports
- From: "Peter Sichel" <email@hidden>
- Date: Wed, 29 Jan 2003 11:04:10 -0500
>
>All true, but this debate was waged and lost two years ago.
>
>
Someone must have forgotten to invite me to that debate. I have yet
>
to hear any sort of convincing argument as to why removing the
>
restriction on ports less than 1024 would be a bad thing. Is there
>
anyone on this list who thinks removing the restriction would be a
>
bad thing?
I'm not aware of any convincing arguments. I can only offer
the reasons that were presented at the time.
(1) This is standard unix behavior.
(2) The security folks at Apple are concerned about the implications
of such a change and will not allow it.
Having lived with it for a while, I've noticed that this same technique
of using privileged helper apps is applicable to a number of areas such
as modifying the System Configuration, or using other privileged tools.
Even if Apple removed the low port restriction, I would still need all
the same infrastructure for these other areas. I decided to stop
resisting and just wrote the infrastructure to deal with it. Adding
another privileged operation is now quick and painless.
I just wish Apple would publish a complete example that shows developers
what they need to do instead of forcing everyone to spend months
figuring out and solving these problems in slightly different ways.
I've offered my own code as a basis for such an example.
- Peter
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.