Why does inet_bind (instead of socket_bind) check that ports below 1024 require
CAP_NET_BIND_SERVICE?
Couldn't this check be moved to the dummy socket_bind so that the behaviour can
be changed by a security module?
---
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index cf358c8..d75a2c5
Why does inet_bind (instead of socket_bind) check that ports below 1024 require
CAP_NET_BIND_SERVICE?
Couldn't this check be moved to the dummy socket_bind so that the behaviour can
be changed by a security module?
---
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index cf358c8..d75a2c5
2 matches
Mail list logo