Subject: Re: allowing unpriv users to bind to priv ports
To: Luke Mewburn <lukem@wasabisystems.com>
From: Joe Reed <jnr@po.cwru.edu>
List: tech-kern
Date: 09/25/2002 20:52:04

> *however*, we now have systrace in the tree, and that allows much more
> granular control over what system calls may be called. I have been
> meaning to test the following concept for a while:
> * define IPNOPRIVPORTS in my kernel
> * set a systrace policy to allow certain uids or gids to bind to
> a specific port (e.g., "uid=named to tcp/udp port 53")
> * set a default systrace policy; prevent uid!=0 from binding port <
> 1024

i have thought of this too, however this follows the paradigm of "having an
insecure system, then using rules to lock it down." my patch follows the
paradigm of "have a locked down system, and only open what you want." both
are effective, when done right. but personally, i'd rather start with
default security.
--joe