[Wine] Re: binding to privileged Linux ports (<= 1024)

Sat Feb 6 11:50:22 CST 2010

mc2718  There are reasons CAP_NET_BIND_SERVICE is not default for normal users under Linux.

1)  Lot of the 1024 and under ports are items that run for a very long time.  So should be protected by running as independent users and preferable have a Linux Secuirty Module configured over them.

If you need to be going near root or capabilities it a warning sign.

843 is one of the big question marks to me.   Seriously why.  Only use of that I know of is this http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html  Its a native perl or python script.  Normally you use the python.  Now if something else is using that port there could be big trouble.

Even port 80 is question mark.