On Thursday 22 April 2010, Alexey Eremenko wrote: > On Thu, Apr 22, 2010 at 11:41 AM, Vasily Levchenko > > <[email protected]> wrote: > >>> have you compiled VBox with hardening? > >> > >> No > > > > It's a reason why VBox NAT can't open ICMP (raw socket). you can use > > ICMP with non-hardened build if launch VBox under root only. > > Why is this important ? How hardening affects NAT raw sockets ?
As Vasily wrote: To use ICMP the process must be able to open a raw socket. This isn't allowed for regular processes because this requires a special capability (cap_net_raw). Kind regards, Frank -- Dr.-Ing. Frank Mehnert Sitz der Gesellschaft: Sun Microsystems GmbH, Sonnenallee 1, 85551 Kirchheim-Heimstetten Amtsgericht München: HRB 161028 Geschäftsführer: Jürgen Kunz
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ vbox-dev mailing list [email protected] http://vbox.innotek.de/mailman/listinfo/vbox-dev
