[Nix-dev] Can non-root users open new ports?

Cai Chen ecaichen at gmail.com
Sat Jun 1 21:07:40 CEST 2013


Thank you, Vlad. I think leaving non-privileged ports (above 1024) wide
open has serious security implication. People still can ping ip:port and
knock the server down. Is my concern valid? Is there a way to secure our
nixos server but still give our non-root users ability to open any port
above 1024?

On Saturday, June 1, 2013, Vladimír Čunát wrote:

> On 06/01/2013 06:07 PM, Cai Chen wrote:
>
>> Am I understanding it right?
>>
>
> True, except perhaps for one thing. AFAIK anyone can open ports above
> 1024. (Well, I suppose our firewall prevents this now, but that's easy to
> disable if you want users to have this ability. https://github.com/NixOS/*
> *nixos/issues/55 <https://github.com/NixOS/nixos/issues/55> )
>
> Vlada
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20130601/ca87141a/attachment.html 


More information about the nix-dev mailing list