[Mono-list] Problem with Syscall (or how to bind port 443 as a non-privileged user)
Peter Hultqvist
phq at silentorbit.com
Tue Mar 4 12:35:19 UTC 2014
On 4 mars 2014 13:32:57 CET, "Edward Ned Harvey (mono)" <edward.harvey.mono at clevertrove.com> wrote:
>> From: Peter Hultqvist [mailto:phq at silentorbit.com]
>>
>> I have used mkbundle together with "setcap 'cap_net_bind_service=+ep'
>> /path/to/my-bin"
>> That way I get a binary which can listen to privileged ports without
>> running as root.
>
>So - First of all, the cap_net_bind_service permission has to be
>applied to the file ... But it's the "mono" executable that needs it,
>right? I actually tried applying that permission to both the mono
>executable and the exe file, but even so, I still got access denied.
>Not sure why. I checked my kernel version, and I think it should have
>worked ...
>
>I would consider it to be a bad thing, if the permission needs to be
>applied to the mono executable. And based on my understanding, that's
>what I think is actually required.
>
No, You should only do it to the binary generated by mkbundle from your .exe.
More information about the Mono-list
mailing list