Xusontha to Programmer [email protected] • edit-21 year agoIt's always "temporary troubleshooting"loot.buckodr.inkimagemessage-square23fedilinkarrow-up11.08Karrow-down115file-text
arrow-up11.07Karrow-down1imageIt's always "temporary troubleshooting"loot.buckodr.inkXusontha to Programmer [email protected] • edit-21 year agomessage-square23fedilinkfile-text
minus-square@[email protected]linkfedilink6•1 year agoRecently, I learned of the concept of “Linux capabilities”. And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something’s fucky with these capabilities, I’ll never remember to check them…
minus-square@uislink3•edit-21 year agoFunfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.
Recently, I learned of the concept of “Linux capabilities”. And yeah, as much as I enjoy reading up on these things, the whole time I was thinking, if something’s fucky with these capabilities, I’ll never remember to check them…
Funfact: if you want to run for example HTTP server, you can run it with CAP_NET_BIND_SERVICE and no_new_priv.