Mailing List SIMS@mail.stalker.com Message #15249
From: <lcs@spellnetwork.com>
Subject: Re: ASSP
Date: Thu, 15 Jun 2006 08:56:56 -0400
To: SIMS Discussions <SIMS@mail.stalker.com>
X-Mailer: Apple Mail (2.750)
I agree - however - i don't want someone from the outside running malicious code as an admin.  Since we have control on the front side with physical location of our machines - it's the outside i'm concerned about.  I would not try this if I had to leave an admin logged in but i may try it with this config.

--Thanks Chris

LCS
On Jun 15, 2006, at 12:07 AM, chris wrote:

I consider this a security flaw as a non admin should NOT be allowed to
listen on ports below 1024. This may be changeable thru firewall or other
settings... by the default setup for a non admin user under 10.4.6
appears to allow the user, at least via Classic, to listen on privileged
ports.

Sure, that's good for those of us that want to run SIMS in Classic and
not leave an admin account logged in to do so... but it is still a
security flaw in my opinion as it should not happen "out of the box" as
it does now.

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster