Created
January 27, 2025 13:12
-
-
Save garywill/09a878e2e5c4d5f662dc1cdd52d08d97 to your computer and use it in GitHub Desktop.
Bind (listen) <1024 ports without whole root (cap_net_bind_service), with capsh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo capsh --caps='cap_net_bind_service+eip cap_setpcap,cap_setuid,cap_setgid+ep' \ | |
| --keep=1 --user=non-root-user --addamb=cap_net_bind_service -- \ | |
| -c '/path/to/your/command' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment