Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Python: Bind to port 80 as root, then drop privileges?
Top Forums Shell Programming and Scripting Python: Bind to port 80 as root, then drop privileges? Post 302277977 by Ilja on Monday 19th of January 2009 03:10:31 AM
Old 01-19-2009
Python: Bind to port 80 as root, then drop privileges?
I have written a small web server in Python, and now I would like to run it on port 80, but in order to be able to bind to a port below 1024 I need to have root privileges. I don't want to run the server as root, though. How can I bind to port 80 as root and then drop root privileges?

Thankful for help.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Root privileges &Sudoer

Hi guys... how can a root assign a user all or most of the root privileges? is sudoer comand enough 4 this? thx alot.. (2 Replies)
Discussion started by: blue_7
2 Replies

2. Programming

root privileges

Hi I have make a program that needs root privleges but any user can try to run it, so what I want it is, when any user tries( other than root ) to run the program, an input prompt would open to enter root password ( if user knows ) and program will run ( otherwise exit ), and after completing... (21 Replies)
Discussion started by: sumsin
21 Replies

3. UNIX for Dummies Questions & Answers

root privileges

Hello, As admin with root rights, to execute any command from another user without password-ask, I do : su - <user> -c "<cmd>" But how can I do to give the same rights to another physical user without using root user ? :confused: I've try to create another user "toor" with the same primary... (4 Replies)
Discussion started by: madmat
4 Replies

4. Linux

grant root privileges to ordinary user

Hi, Is it possible to grant root privileges to an ordinary user? Other than 'sudo', is there some way under Users/Groups configuration? I want ordinary user to be able to mount, umount and use command mt. /Brendan (4 Replies)
Discussion started by: brendan76
4 Replies

5. Shell Programming and Scripting

Privileges like root

My English is no very good. I must make a bash scripting sh create like a backdoor, and when execute the script a user without privileges convert in super user or root, whithout introducing the password. In Spanish: Crear un script que sirva como puerta trasera al sistema, de manera que al... (1 Reply)
Discussion started by: kitievbr
1 Replies

6. Solaris

Gaining root privileges

Hello I am a new (and only) administrator of a Solaris 10 environment. The previous admin gave me a use (say user123) that is supposed to have administrative privileges. Now the problem is, the user does not have this privilege! Here is what i tried so far: $ id uid=109(user123) gid=1(other)... (3 Replies)
Discussion started by: abohmeed
3 Replies

7. HP-UX

User with root privileges in hp ux

hi, i am new in hp ux and i must create a user with root privileges and so i disable ssh connection from root login. thanks.. (6 Replies)
Discussion started by: eliste
6 Replies

8. Emergency UNIX and Linux Support

Proxmox dedicated Port forwarding issue Using Default Drop Chain filter

Hi Everyone, Hope all Doing good, we have a Dedicated server and its installed with proxmox VE 3.2, My Need is i want Protect my server and only i need to allow the specific port in the server, And i want to forward some of ports 22,80,443 to those VM's inside my dedicated... (0 Replies)
Discussion started by: babinlonston
0 Replies

9. UNIX for Dummies Questions & Answers

Can you gain root privileges if the suid program does not belong to root?

I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way? I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies

10. Infrastructure Monitoring

Monitoring tools that do NOT require root privileges

Hi guys, I am currently managing an application running on around 150 servers. I only have application usage rights on those servers and do not have any root privileges. I have an external node that can connect to those servers and I have root privileges on that one box. I want to setup... (2 Replies)
Discussion started by: Junaid Subhani
2 Replies

LEARN ABOUT SUSE

sm-notify

sm-notify(8)						      System Manager's Manual						      sm-notify(8)

NAME

       sm-notify - Send out NSM reboot notifications

SYNOPSIS

       /sbin/sm-notify [-dfq] [-m time] [-p port] [-P path] [-v my_name ]

DESCRIPTION

       File locking over NFS (v2 and v3) requires a facility to notify peers in case of a reboot, so that clients can reclaim locks after a server
       crash, and/or servers can release locks held by the rebooted client.

       This is a two-step process: during normal operations, a mechanism is required to keep track of which hosts need to be informed of a reboot.
       And of course, notifications need to be sent out during reboot.	The protocol used for this is called NSM, for Network Status Monitor.

       This  implementation  separates	these into separate program.  rpc.statd tracks hosts which need to be notified and this sm-notify performs
       the notification.  When rpc.statd is started it will typically started sm-notify but this is configurable.

   Operation
       For each NFS client or server machine to be monitored, rpc.statd creates a file in /var/lib/nfs/sm, and removes the file if  monitoring	is
       no longer required.

       When the machine is rebooted, sm-notify iterates through these files and notifies the peer statd server on those machines.

       Each  machine  has  an NSM state , which is basically an integer counter that is incremented each time the machine reboots. This counter is
       stored in /var/lib/nfs/state, and updated by sm-notify.

   Security
       sm-notify has little need for root privileges and so drops them as soon as possible.  It continues to need to make changes to  the  sm  and
       sm.bak  directories so to be able to drop privileges, these must be writable by a non-privileged user.  If these directories are owned by a
       non-root user, sm-notify will drop privilege to match that user once it has created sockets for sending out request  (for  which  it  needs
       privileged) but before it processes any reply (which is the most likely source of possible privilege abuse).

OPTIONS

       -m failtime
	      When  notifying  hosts,  sm-notify will try to contact each host for up to 15 minutes, and will give up if unable to reach it within
	      this time frame.

	      Using the -m option, you can override this. A value of 0 tells sm-notify to retry indefinitely; any other value  is  interpreted	as
	      the maximum retry time in minutes.

       -v ipaddr-or-hostname
	      This  option tells sm-notify to bind to the specified ipaddr, (or the ipaddr of the given hostname) so that all notification packets
	      originate from this address.  This is useful for NFS failover.  The given name is also used as the name of  this	host  in  the  NSM
	      request.

       -p port
	      instructs  sm-notify  to bind to the indicated IP port number. If this option is not given, it will try to bind to a randomly chosen
	      privileged port below 1024.

       -q     Be quiet. This suppresses all messages except error messages while collecting the list of hosts.

       -P /path/to/state/directory
	      If sm-notify should look in a no-standard place of state file, the path can be given here.  The directories sm and  sm.bak  and  the
	      file state must exist in that directory with the standard names.

       -f     If  the  state  path has not been reset with -P, sm-notify will normally create a file in /var/run to indicate that it has been run.
	      If this file is found when sm-notify starts, it will not run again (as it is normally only needed once  per  reboot).   If  -f  (for
	      force) is given, sm-notify will run even if the file in /var/run is present.

       -n     Do not update the NSM state. This is for testing only.  Setting this flag implies -f.

       -d     Enables  debugging.   By	default,  sm-notify  forks  and  puts  itself  in  the	background  after obtaining the list of hosts from
	      /var/lib/nfs/sm.

FILES

       /var/lib/nfs/state
       /var/lib/nfs/sm/*
       /var/lib/nfs/sm.bak/*
       /var/run/sm-notify.pid

SEE ALSO

       rpc.nfsd(8), portmap(8)

AUTHORS

       Olaf Kirch <okir@suse.de>

								    19 Mar 2007 						      sm-notify(8)
All times are GMT -4. The time now is 12:47 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy