* Rainer Link; on 23 Jan, 2002 wrote:
Well, all the capabilities should be described in /usr/src/linux/include/linux/capability.h
Well I know as I said in my previous mail I had a look to it and it sounds Greek to me as I am not a programmer
You may have a look at ftp://linux.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.2/
Ok this one has the same capfaq.txt which I have founded
or http://www.de.lids.org/lids-howto/node34.html (although the latter one refers obviously to LIDS)
this is new, thanks What I am trying to understand is let's say I am using compartment to chroot apache since it will be binded to port 80 I have to use CAP_NET_BIND_SERVICE if I understood correctly. Since I am using kernel 2.2.19 I cannot use --cap together with --user --group parameters. I can only use --group. I am giving the benefit of doubt that "--group nogroup" is safer than "--group root". So basicly I am looking for explanation or examples of these in "plain English" :-) Thanks for the links though if I cannot find a plain english version I have to study them deep hard before putting the server on the net -- Togan Muftuoglu