Re: Capabilities

From: Dan Hollis (goemon@sasami.anime.net)
Date: Sun Feb 20 2000 - 22:50:38 EST

Next message: Khimenko Victor: "Re: Capabilities"
Previous message: Dan Kegel: "Re: accept() improvements for rt signals"
In reply to: Horst von Brand: "Re: Capabilities"
Next in thread: Malcolm Beattie: "Re: Capabilities"
Reply: Malcolm Beattie: "Re: Capabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 20 Feb 2000, Horst von Brand wrote:
> Binding to a low port is a capability (or should be made one, as it is
> one of the special powers root enjoys right now).

Better would be to give low ports classic unix ownerships, so that
non-root user 'named' process can bind to e.g. udp/53, but no others.

e.g. 'chown named /proc/sockets/udp/53'

-Dan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Khimenko Victor: "Re: Capabilities"
Previous message: Dan Kegel: "Re: accept() improvements for rt signals"
In reply to: Horst von Brand: "Re: Capabilities"
Next in thread: Malcolm Beattie: "Re: Capabilities"
Reply: Malcolm Beattie: "Re: Capabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:26 EST