Xusontha to Programmer [email protected] • edit-21 year agoIt's always "temporary troubleshooting"loot.buckodr.inkimagemessage-square23fedilinkarrow-up11.09Karrow-down115file-text
arrow-up11.07Karrow-down1imageIt's always "temporary troubleshooting"loot.buckodr.inkXusontha to Programmer [email protected] • edit-21 year agomessage-square23fedilinkfile-text
minus-square@lightnegativelink1•1 year agoFirst thing to do if you need a functioning server Unless you’re a security guy and get off on people not being able to do their jobs due to Access Denied
minus-square@[email protected]linkfedilink6•1 year agoRecently, I learned of the concept of “Linux capabilities”. And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something’s fucky with these capabilities, I’ll never remember to check them…
minus-square@uislink3•edit-21 year agoFunfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.
(after) …ah crap it’s actually selinux…
SELINUX=disabled
First thing to do if you need a functioning server
Unless you’re a security guy and get off on people not being able to do their jobs due to Access Denied
Recently, I learned of the concept of “Linux capabilities”. And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something’s fucky with these capabilities, I’ll never remember to check them…
Funfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.
deleted by creator