Tom Horsley writes:
On Tue, 26 Jul 2011 14:05:59 +0100 Bryn M. Reeves wrote:> It's presumably being having its capabilities dropped because you are ptracing > an executable with the cap_net_bind_service capability as an unprivileged user > (if it wasn't it would be a security hole as a regular user could use a debugger> to bind arbitrary privileged ports). It is the rsh client program, why on earth would the rsh client need to bind a privileged port?
So that it can prove to the rsh server that it's a connection from a privileged process; so if it says that this is user X connecting, it must really be user X.
Attachment:
pgpxcH8hNx4It.pgp
Description: PGP signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
