View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0007952||Kali Linux||[All Projects] Kali Package Improvement||public||2022-09-25 16:42||2022-12-20 01:32|
|Target Version||Fixed in Version||kali-dev|
|Summary||0007952: Improper patching of restricted ports|
I was surprised to notice that regular users can open restricted ports (<1024). Tracking the change, I could not locate a change to the "ip_unprivileged_port_start" kernel parameter in /etc/sysctl.* I then noticed this was announced in https://www.kali.org/blog/kali-linux-2021-2-release/#disabled-privileged-ports as a kernel patch. This change is implemented in https://gitlab.com/kalilinux/packages/linux/-/commit/1cddddf656ab251cc72fdc1c4e1706db86a5150b
The use of a kernel patch rather than using a sysctl parameter is questionable. Kernel patches should be last resort changes when there are no other ways to fix an issue. They are intrusive.
I suggest that this change (no privileged ports) that the Kali project decided to make be done using sysctl parameters rather than a kernel patch.
Thanks for the suggestion - this is something we will deff look into!
Heya, this is now done!
1. The patch was removed in source package linux 6.0.10-2kali.
2. We now have default sysctl settings (provided by package kali-defaults) in /usr/lib/sysctl.d/ to disable restricted ports by default.
3. There's also an entry in the tool kali-tweaks to re-enable restricted port if required.
Closing. Thanks again for the report!
|2022-09-25 16:42||fob||New Issue|
|2022-09-26 08:03||daniruiz||Assigned To||=> sbrun|
|2022-09-26 08:03||daniruiz||Status||new => assigned|
|2022-10-06 13:21||g0tmi1k||Note Added: 0016936|
|2022-12-20 01:32||arnaudr||Note Added: 0017260|
|2022-12-20 01:32||arnaudr||Status||assigned => resolved|
|2022-12-20 01:32||arnaudr||Resolution||open => fixed|
|2022-12-20 01:32||arnaudr||Fixed in Version||=> kali-dev|