Subject: Re: KAUTH_REQ_NETWORK_SOCKET_OPEN
To: David Young <dyoung@pobox.com>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-kern
Date: 01/31/2007 17:37:07

On Wed, Jan 31, 2007 at 01:05:40PM -0600, David Young wrote:
> 
> The rule "only root can create a raw socket, PF_ROUTE and PF_BLUETOOTH
> sockets excepted" is a blunt instrument for enforcing a policy on
> what packets a program can send and receive.

I don't agree.  I believe it's the correct policy, to prohibit non-
superuser programs on multiuser systems from sending arbitrary network
packets behind the stack's back; that we have no appropriate socket
interfaces to many common protocols we do wish to let nonprivileged
programs use is the real problem.

Thor