wdes/security
1
0
Fork 0
Code Actions Packages Releases Activity

Document binding port 80

Browse Source
This commit is contained in:
William Desportes
2025-03-01 15:50:32 +01:00
parent 605c4d3256
commit 4d13491415
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
snow-scanner/debian/snow-scanner-worker.service
View File

@ -55,6 +55,9 @@ SystemCallArchitectures=native
# Allow icmp
#AmbientCapabilities=CAP_NET_RAW
# Add this one for ports < 1024
#AmbientCapabilities=CAP_NET_BIND_SERVICE
# sets up a new /dev/ mount for the executed processes and only adds API pseudo devices such as /dev/null, /dev/zero or /dev/random to it,
# but no physical devices such as /dev/sda, system memory /dev/mem, system ports /dev/port and others.
# This is useful to turn off physical device access by the executed process

3
snow-scanner/debian/snow-scanner.service
View File

@ -55,6 +55,9 @@ SystemCallArchitectures=native
# Allow icmp
#AmbientCapabilities=CAP_NET_RAW
# Add this one for ports < 1024
#AmbientCapabilities=CAP_NET_BIND_SERVICE
# sets up a new /dev/ mount for the executed processes and only adds API pseudo devices such as /dev/null, /dev/zero or /dev/random to it,
# but no physical devices such as /dev/sda, system memory /dev/mem, system ports /dev/port and others.
# This is useful to turn off physical device access by the executed process