[Wine] Re: binding to privileged Linux ports (<= 1024)
oiaohm
wineforum-user at winehq.org
Sat Feb 6 11:50:22 CST 2010
mc2718 There are reasons CAP_NET_BIND_SERVICE is not default for normal users under Linux.
1) Lot of the 1024 and under ports are items that run for a very long time. So should be protected by running as independent users and preferable have a Linux Secuirty Module configured over them.
If you need to be going near root or capabilities it a warning sign.
843 is one of the big question marks to me. Seriously why. Only use of that I know of is this http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html Its a native perl or python script. Normally you use the python. Now if something else is using that port there could be big trouble.
Even port 80 is question mark.
More information about the wine-users
mailing list