lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Nov 2007 15:53:03 +0100
From: Radoslaw Szkodzinski (AstralStorm) <lkml@...ralstorm.puszkin.org>
To: Mikael Ståldal
<mikael.staldal-ingen-reklam@...vits.com>
Cc: linux-kernel@...r.kernel.org
Subject: Re: Possibility to adjust the only-root-can-bind-to-port-under-1024
limit
On Tue, 20 Nov 2007 11:14:59 +0100
Mikael Ståldal <mikael.staldal-ingen-reklam@...vits.com> wrote:
> In Linux you have to be root in order to listen to TCP or UDP ports below 1024 (the
> well-known ports). As far as I know, this limit is hardcoded in the kernel.
>
> In some cases, this limit do more harm than good, so it would be nice to be able to adjust it.
The proper way to enable port <= 1024 binding support is adding CAP_NET_BIND_SERVICE to the process capability set, e.g. by using file-system capabilities.
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
Powered by blists - more mailing lists