On 07/26/2011 02:29 PM, Tom Horsley wrote:
On Tue, 26 Jul 2011 14:05:59 +0100 Bryn M. Reeves wrote:
It's presumably having its capabilities dropped because you are ptracing an executable with the cap_net_bind_service capability as an unprivileged user (if it wasn't it would be a security hole as a regular user could use a debugger to bind arbitrary privileged ports).
It is the rsh client program, why on earth would the rsh client need to bind a privileged port?
As others have said, that's how rsh "security" "works" - if you need to strace the command as a non-root user you might be able to come up with something involving dropping the file capability and granting cap_net_bind_service to the user you need to strace as (obviously this grants that user the ability to bind any port they like but for debugging you might choose to allow that).
Regards, Bryn.
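
One way to confirm the behaviour described in this message is to decode the capability masks in `/proc/<pid>/status` for the process with and without a tracer attached. This is an added example, not part of the original thread; the two status dumps are constructed samples, and the function and field names in the result are illustrative.

```python
# Capability bit numbers from <linux/capability.h> (subset relevant here).
CAP_BITS = {"cap_net_bind_service": 10, "cap_net_raw": 13, "cap_sys_ptrace": 19}

# Constructed samples of /proc/<pid>/status for the same binary, uid 1000.
UNTRACED = """Name:\trsh
TracerPid:\t0
Uid:\t1000\t1000\t1000\t1000
CapPrm:\t0000000000000400
CapEff:\t0000000000000400
"""
TRACED = """Name:\trsh
TracerPid:\t4242
Uid:\t1000\t1000\t1000\t1000
CapPrm:\t0000000000000000
CapEff:\t0000000000000000
"""

def parse_status(text):
    """Return the 'Key: value' fields of a status dump as a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def has_cap(fields, cap_set, cap_name):
    """True if cap_name's bit is set in the hex mask of cap_set."""
    return bool(int(fields[cap_set], 16) >> CAP_BITS[cap_name] & 1)

def check(text, cap="cap_net_bind_service"):
    """Summarise tracing state and whether the capability survived exec."""
    f = parse_status(text)
    traced = int(f.get("TracerPid", "0")) != 0
    euid = int(f["Uid"].split()[1])  # fields: real, effective, saved, fs
    effective = has_cap(f, "CapEff", cap)
    return {
        "traced": traced,
        "euid": euid,
        "permitted": has_cap(f, "CapPrm", cap),
        "effective": effective,
        # Heuristic only: traced, non-root, and the capability is absent.
        "consistent_with_drop": traced and euid != 0 and not effective,
    }

if __name__ == "__main__":
    for label, sample in (("untraced", UNTRACED), ("traced", TRACED)):
        print(label, check(sample))
```

On a live system, pass the contents of `/proc/<pid>/status` for the running process to `check()` in place of the constructed samples.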