> From: Peter Hultqvist [mailto:[email protected]] > > I have used mkbundle together with "setcap 'cap_net_bind_service=+ep' > /path/to/my-bin" > That way I get a binary which can listen to privileged ports without > running as root.
So - First of all, the cap_net_bind_service permission has to be applied to the file ... But it's the "mono" executable that needs it, right? I actually tried applying that permission to both the mono executable and the exe file, but even so, I still got access denied. Not sure why. I checked my kernel version, and I think it should have worked ... I would consider it to be a bad thing, if the permission needs to be applied to the mono executable. And based on my understanding, that's what I think is actually required. > Your method is probably better since it prevents further use of > privileged ports. > > Also you could possible use iptables to redirect to a higher port number. Yeah, I thought of that. (Meaning, found it on google and thought about it.) Things *could* end up this way if other plans don't go well. _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
