On Wed, 22 Nov 2000, Charles M. Hannum wrote:

: > 1. A process flag, cleared on exec, allowing reserved port binding.

: This smells an awful lot like a capabilities-based system...

Yes, which is what I thought too.

: > 2. A socket option that creates a duplicate of a bound socket.
: > 
: >    This approach allows ftpd to create its data socket before revoking
: >    privileges, prebound, but not connected to a remote system.  It could
: >    have other useful non-security-related applications as well.

: This is an absolutely horrendous abstraction violation.  No way.

I don't see how this is a "horrendus abstraction violation," so a
non-summary technical explanation of this response would be nice.

-- 
-- Todd Vierling <tv@wasabisystems.com>  *  http://www.wasabisystems.com/
-- Speed, stability, security, and support.  Wasabi NetBSD:  Run with it.