diff options
| author | Menno Duursma <druiloor@zonnet.nl> | 2010-05-13 01:00:41 +0200 |
|---|---|---|
| committer | Robby Workman <rworkman@slackbuilds.org> | 2010-05-13 01:00:41 +0200 |
| commit | 29f9bed3aee47afa3187f1101fe5c564f7909867 (patch) | |
| tree | 5f50cedf67bafc6f8c48a9604ce19e38fc4eddbd /system/cage/README.SLACKWARE | |
| parent | 2c4c0749bdc603fd0016ecc638f7810d89fe7a10 (diff) | |
| download | slackbuilds-29f9bed3aee47afa3187f1101fe5c564f7909867.tar.gz | |
system/cage: Added to 13.0 repository
Diffstat (limited to 'system/cage/README.SLACKWARE')
| -rw-r--r-- | system/cage/README.SLACKWARE | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/system/cage/README.SLACKWARE b/system/cage/README.SLACKWARE new file mode 100644 index 0000000000..3cac4ce8e5 --- /dev/null +++ b/system/cage/README.SLACKWARE @@ -0,0 +1,22 @@ +For example: + +root@pc:~# chmod 0755 /bin/ping +root@pc:~# setcap 'cap_net_raw=ie' /bin/ping + +root@pc:~# su menno +menno@pc:/root$ ping -c1 www.zonnet.nl +ping: icmp open socket: Operation not permitted +menno@pc:/root$ exit + +root@pc:~# cage -u 1000 -c 'cap_setuid=pe cap_net_raw=pie' / /bin/sh +menno@pc:/$ ping -c1 www.zonnet.nl +PING www.zonnet.nl (62.58.50.202) 56(84) bytes of data. +64 bytes from www.tele2.nl (62.58.50.202): icmp_seq=1 ttl=116 time=27.0 ms + +--- www.zonnet.nl ping statistics --- +1 packets transmitted, 1 received, 0% packet loss, time 0ms +rtt min/avg/max/mdev = 27.054/27.054/27.054/0.000 ms +menno@pc:/$ /sbin/getpcaps $$ +Capabilities for `7242': = cap_net_raw+i +menno@pc:/$ exit + |