LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

raw.7: Clarify user namespace requirements for CAP_NET_RAW 

Also remove mention of UID 0 as a method or creating
a raw socket. As far as I can tell from reading the
kernel source (net/ipv4/af_inet.c), this is not true.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2016-09-12 19:25:44 +01:00
parent f71d155750
commit af0cb4bd54
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
man7/raw.7
View File

@ -30,9 +30,9 @@ socket option is enabled on the socket.
When it is enabled, the packet must contain an IP header.
For receiving, the IP header is always included in the packet.
Only processes with an effective user ID of 0 or the
In order to create a raw socket, a process must have the
.B CAP_NET_RAW
capability are allowed to open raw sockets.
capability in the user namespace that governs its network namespace.
All packets or errors matching the
.I protocol