BenEBoy mail@psychoferret.freeserve.co.uk writes:
On Wednesday 19 Feb 2003 5:05 pm, atit_ldce wrote:
i want to assign specific capabilities to specific user or process
i want this because i want my program that is using setsockopt call to run from other user then root
and runnig of setscokopt requires CAP_NET_ADMIN assigned to the user and by default it is assigned to root user only
and i want to assign this to specific user
I believe you need the libcap package/packages.
I'm sure someone can correct me if I'm wrong, but I'd say that allowing a user other than root to use setsockopt is a bit dangerous.
Not at all. Most setsockopt calls are quite safe for ordinary users to use, and they are indeed allowed to user them, and in some cases _have_ to use them to get sensible behaviour (e.g. SO_REUSEADDR).
Some do require extra privilege of some sort, however, and presumably the OP wants to use one of those.