binding socket fails when run under ptrace?
Sam Varshavchik
mrsam at courier-mta.com
Tue Jul 26 13:37:35 UTC 2011
Tom Horsley writes:
> On Tue, 26 Jul 2011 14:05:59 +0100
> Bryn M. Reeves wrote:
>
> > It's presumably being having its capabilities dropped because you are
> ptracing
> > an executable with the cap_net_bind_service capability as an unprivileged
> user
> > (if it wasn't it would be a security hole as a regular user could use a
> debugger
> > to bind arbitrary privileged ports).
>
> It is the rsh client program, why on earth would the rsh client need to bind
> a privileged port?
So that it can prove to the rsh server that it's a connection from a
privileged process; so if it says that this is user X connecting, it must
really be user X.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20110726/da74325a/attachment.bin
More information about the users
mailing list