Hi, I was wondering if it were possible to use gradm or grsec to allow non-root users (or possibly a special group) run applications that can bind to ports less than 1024?
I know that it is possible to deny sockets to certain groups, but is it possible to to the reverse and allow any sockets to a certain group?
Thanks!
-Jay
non-root low port binding possible?
2 posts
• Page 1 of 1
non-root low port binding possible?
by lokey » Sat Oct 23, 2004 2:49 pm
- lokey
- Posts: 1
- Joined: Sat Oct 23, 2004 2:42 pm
by cmouse » Thu Oct 28, 2004 5:43 pm
Not really. it's not grsecurity only that denies non-root from binding to <1024 ports. The best method for this is to write an application that binds to the port(s) and then does setuid/setgid calls to change itself to non-root.
- cmouse
- Posts: 98
- Joined: Tue Dec 17, 2002 10:58 am
2 posts
• Page 1 of 1