Re: TCP EAGAIN/EACCESS for outbound connections.

H. Peter Anvin (hpa@transmeta.com)
23 Nov 1998 22:13:54 GMT


Followup to: <19981118130820.F8343@uni-koblenz.de>
By author: ralf@uni-koblenz.de
In newsgroup: linux.dev.kernel
>
> On Tue, Nov 17, 1998 at 02:02:58AM +0000, David wrote:
>
> > ok. here's more on the scoop. root can successfully ssh out. reason?
> > it calls bind() on a socket < 1023. a normal user can't and ssh fails.
> >
> > here's a snippet from proftpd. an irc client also returns permission denied.
> >
> > [pid 28138] socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 4
> > [pid 28138] setsockopt(4, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
> > [pid 28138] bind(4, {sin_family=AF_INET, sin_port=htons(0),
> > sin_addr=inet_addr("207.213.0.47")}, 16) = -1 EACCES (Permission denied)
>
> SUID bit lost from the ssh executable? Ssh should be SUID root.
>

Not necessarily. It can be configured either way. In this particular
case it is passing sin_port=htons(0), which means allocate any free
number, which it wouldn't be doing if it wanted a privileged port.

-hpa

-- 
    PGP: 2047/2A960705 BA 03 D3 2C 14 A8 A8 BD  1E DF FE 69 EE 35 BD 74
    See http://www.zytor.com/~hpa/ for web page and full PGP public key
        I am Bahá'í -- ask me about it or see http://www.bahai.org/
   "To love another person is to see the face of God." -- Les Misérables

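An added example, not code from the thread: a small C diagnostic that repeats the traced socket()/setsockopt()/bind() sequence with sin_port=htons(0) and reads back the port the kernel chose via getsockname(), next to a request for a port below 1024. The helper names, the use of INADDR_ANY instead of the traced address, and port 1023 as the contrast case are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper: port 0 means "any free port", so it is never a
 * request for the traditional privileged range (1..1023). */
static int is_privileged_request(uint16_t port) { return port != 0 && port < 1024; }

/* Hypothetical helper: bind a TCP socket to INADDR_ANY:port. Returns 0 and
 * stores the port actually assigned in *assigned, or returns the errno. */
static int try_bind(uint16_t port, uint16_t *assigned)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof sa;
    int one = 1, err = 0;
    int fd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (fd < 0)
        return errno;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);              /* 0 => kernel picks the port */
    sa.sin_addr.s_addr = htonl(INADDR_ANY); /* assumption: not the traced address */
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 ||
        getsockname(fd, (struct sockaddr *)&sa, &len) < 0)
        err = errno;
    else
        *assigned = ntohs(sa.sin_port);
    close(fd);
    return err;
}

int main(void)
{
    uint16_t ports[] = { 0, 1023 }; /* 0 as in the trace; 1023 is a constructed contrast */
    for (size_t i = 0; i < 2; i++) {
        uint16_t got = 0;
        int err = try_bind(ports[i], &got);
        printf("request %u (%s): ", (unsigned)ports[i],
               is_privileged_request(ports[i]) ? "privileged" : "any free port");
        if (err) printf("failed: %s\n", strerror(err));
        else     printf("bound to port %u\n", (unsigned)got);
    }
    return 0;
}
```

The outcome for port 1023 depends on the caller's privileges and the system's configuration; the port 0 request is the one that corresponds to the trace.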