On 14.11.2012, at 02:12, Adrian Chadd <adr...@freebsd.org> wrote: > Oh lordie, just hack the kernel to make IP_BINDANY usable by any uid, > not just root. > > I was hoping that capabilitiies would actually be useful these days, > but apparently not. :( > > Then you can stop this FD exchange nonsense and this problem should go away. > :)
Thanks for the suggestion, I'll probably do that regardless of a fix to the unp_gc problem, because it's indeed unnecessary overhead in our scenario. Still that's a workaround you most probably don't want if you have untrusted users on the system or you end up hacking in something comparable to security.mac.seeotheruids.specificgid. Markus _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
