[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: socket-based activation has unmaintainable security?

On Thu, Feb 07, 2013 at 10:28:28AM +1100, Russell Coker wrote:
> Such capabilities allow the process to bind to all low ports, which usually 
> isn't what you desire.  If you want to permit a daemon to bind to exactly one 
> reserved port and no others then it seems that the options are systemd (if the 
> daemon supports socket based activation) and SE Linux.

(x)inetd, no?

Kind regards
Philipp Kern

Attachment: signature.asc
Description: Digital signature

Reply to: