Created
May 17, 2016 20:14
-
-
Save totoCZ/b0a048d688af78e78f45609880ef4d67 to your computer and use it in GitHub Desktop.
setcap 'cap_net_bind_service=+ep' for FreeBSD
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ref. | |
| # https://www.freebsd.org/cgi/man.cgi?query=mac_portacl&sektion=4 | |
| # https://www.freebsd.org/doc/handbook/mac-policies.html | |
| # load the kernel module | |
| kldload mac_portacl | |
| # set the new security rules | |
| sysctl security.mac.portacl.rules=uid:80:tcp:80,uid:80:tcp:443 | |
| # disable default port protection | |
| sysctl net.inet.ip.portrange.reservedhigh=0 | |
| # -> | |
| # /boot/loader.conf | |
| # /etc/sysctl.conf |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment