|
|
发表于 2003-7-14 21:29:52
|
显示全部楼层
Sockfs: a pseudo-filesystem for user/group-based access to privileged ports
sockfs is a pseudo-filesystem which allows the setting of owner, group and permissions for each reserved internet-domain port (i.e. family AF_INET, ports 1-1024). When mounted, directory entries for each reserved port appear (named 1, 2, 3, etc., rather like the procfs entries for each process named by PID).
The filesystem replaces the kernel privilege check for binding reserved ports. Instead of the default check which allows only root to bind to reserved ports, it checks whether the appropriate entry in the sockfs filesystem is writable by the process attempting the bind(). Owner, group and "other" bits are checked just as for ordinary file permission checks. The superuser (in fact, the fsuser just as for ordinary filesystems) is always granted permission. The filesystem allows the owner, group and permission bits to be changed by whoever has write access to the root of the mounted filesystem (usually root alone).
i guess linux try to treat everything as a fs. of course this will bring overhead. |
|
IP卡
狗仔卡
发表于 2003-7-14 17:56:42
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
