grsecurity forums


https://forums.grsecurity.net./

non-root low port binding possible?

https://forums.grsecurity.net./viewtopic.php?f=3&t=971

Page 1 of 1

non-root low port binding possible?

PostPosted: Sat Oct 23, 2004 2:49 pm
by lokey
Hi, I was wondering if it were possible to use gradm or grsec to allow non-root users (or possibly a special group) run applications that can bind to ports less than 1024?

I know that it is possible to deny sockets to certain groups, but is it possible to to the reverse and allow any sockets to a certain group?

Thanks!

-Jay

PostPosted: Thu Oct 28, 2004 5:43 pm
by cmouse
Not really. it's not grsecurity only that denies non-root from binding to <1024 ports. The best method for this is to write an application that binds to the port(s) and then does setuid/setgid calls to change itself to non-root.
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/