by pilif 3765 days ago
>One of these historical warts is that the creation of raw sockets, which is how ping sends ICMP packets, requires root.

It's a good thing raw sockets require root. Raw sockets are incredibly powerful tools that can be used for all sorts of mischief (including source address spoofing in the case of UDP, so perfect for various DoS attacks).

It's a feature if some clueless user that just downloaded some Trojan Flash Player update can't fire off a DNS reflection attack against a third party.

2 comments

> In May 2001, a well-known CEO of a security and consulting company, Steve Gibson, released the Raw Socket's warning. According to his Web site, Raw Sockets was a "seriously dumb idea...from Microsoft" that "...spells catastrophe for the integrity of the Internet."

http://www.informit.com/articles/article.aspx?p=27289

I'd argue that it is much worse to allow writing to any file, reading any file, reading raw memory, etc. These are also things you can do with root. Raw sockets (in comparison) are much less bad. Binding to low ports, I think most people agree, is a much more obvious wart.