[3105] in Release_Engineering
Re: /etc/services addition
daemon@ATHENA.MIT.EDU (Ezra Peisach)
Thu Aug 12 10:32:43 1993
To: wade@MIT.EDU (Steven Wade Neiterman)
Cc: rel-eng@Athena.MIT.EDU
In-Reply-To: Your message of Thu, 12 Aug 93 10:24:34 -0500.
Date: Thu, 12 Aug 93 10:30:57 EDT
From: Ezra Peisach <epeisach@Athena.MIT.EDU>
I wonder if the choice of the people w/ gopher chosing port 70 was so wise.
It requires that the server then be run as root -- which probably explains
why there was that CERT announcement regarding gopher....
Ports < 1024 are priviledged port numbers, which requires the program to be
run as root to bind to the port. I suspect that at one time, this was to
ensure system services (like ftpd) could not be spoofed...
For a service like gopher, there is no real requirement for this low port numnner
as it does not need to potentially be any user (setuid, etc), so it was
a poor choice.
Ezra
