diff options
author | Ondrej Zajicek <santiago@crfreenet.org> | 2011-05-10 02:42:17 +0200 |
---|---|---|
committer | Ondrej Zajicek <santiago@crfreenet.org> | 2011-05-10 02:42:17 +0200 |
commit | 1bc2695744c729804af32d48ce68854cba4de8f7 (patch) | |
tree | e4c165bc0bba244437c462247fd7ffcd842c0918 /sysdep/cf/README | |
parent | 46bb7e0d176a4dc0a47bb406988f92fb29cceaf4 (diff) |
Allows run with restricted privileges.
Adds option -u and -g to specify user and group.
When different user (than root) is specified,
linux capabilities CAP_NET_* are kept.
Diffstat (limited to 'sysdep/cf/README')
-rw-r--r-- | sysdep/cf/README | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/sysdep/cf/README b/sysdep/cf/README index 15a45a65..3b5bcd4f 100644 --- a/sysdep/cf/README +++ b/sysdep/cf/README @@ -6,6 +6,7 @@ CONFIG_SELF_CONSCIOUS We're able to recognize whether route was installed by us CONFIG_MULTIPLE_TABLES The kernel supports multiple routing tables CONFIG_ALL_TABLES_AT_ONCE Kernel scanner wants to process all tables at once CONFIG_MC_PROPER_SRC Multicast packets have source address according to socket saddr field +CONFIG_RESTRICTED_PRIVILEGES Implements restricted privileges using drop_uid() CONFIG_UNIX_IFACE Use Unix interface scanner CONFIG_UNIX_SET Use Unix route setting @@ -19,3 +20,4 @@ CONFIG_UNNUM_MULTICAST krt-iface: We support multicasts on unnumbered PtP device CONFIG_LINUX_MC_MREQN Linux: Use struct mreqn for multicasting CONFIG_LINUX_MC_MREQ Linux: Use struct mreq CONFIG_LINUX_MC_MREQ_BIND Linux: Use struct mreq and SO_BINDTODEVICE + |