Public bug reported:
Binary package hint: apparmor
I've created the following profile for my application (using logprof tool):
------------------------------------------------------
# Last Modified: Thu May 19 14:09:16 2011
#include <tunables/global>
/tmp/test_lin_new.x flags=(complain) {
#include <abstractions/apache2-common>
#include <abstractions/base>
#include <abstractions/nis>
capability net_bind_service,
}
-----------------------------------------------------
As I understand it should be able to provide access for application to
bind on ports less than 1024, but it does not work.
Man page also confirms this:
> man capabilities
CAP_NET_BIND_SERVICE
Bind a socket to Internet domain privileged ports (port numbers
less than 1024).
But application cannot bind to port less 1024.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794026
Title:
bind to port less than 1024 by non-root user
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
