Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to allow nonroot user to bind to port 80
Operating Systems Solaris How to allow nonroot user to bind to port 80 Post 77017 by reborg on Saturday 2nd of July 2005 01:08:11 PM
Old 07-02-2005
It would probably be easier to relay 80 to an unpriveleged port, using, for example, ipfilters.
 

9 More Discussions You Might Find Interesting

1. Linux

Unblock port 80 for none root user

Hi all, I am running an oracle application server but the problem is that the default port it is using is 7777 and if i want to make it port 80 i have to run the server as root which something i do not want to do. If i understand well to run on a port under 1024 the application needs root... (1 Reply)
Discussion started by: staind_art
1 Replies

2. Linux

resticting user to login using putty on port 21(ftp)

Hi, I am having small query and wheather it is possible ? that user can transfer the files using ftp client examples (filezilla) , but he can not use putty to login using ftp and run the commands, Regards, Manoj (2 Replies)
Discussion started by: manoj.solaris
2 Replies

3. Shell Programming and Scripting

Python: Bind to port 80 as root, then drop privileges?

I have written a small web server in Python, and now I would like to run it on port 80, but in order to be able to bind to a port below 1024 I need to have root privileges. I don't want to run the server as root, though. How can I bind to port 80 as root and then drop root privileges? Thankful... (0 Replies)
Discussion started by: Ilja
0 Replies

4. UNIX for Dummies Questions & Answers

permission to bind a socket to port 843?

I have written a flash socket security file server in PHP. The basic idea is that when Flash Player connects via socket to a server, the first thing it does is connect to port 843 and send a request for a 'socket policy file' by sending the string <policy-file-request/>. The problem I have is... (5 Replies)
Discussion started by: sneakyimp
5 Replies

5. Linux

How do I run HTTP server on port 80 using a non root user?

Hi experts, I want to run HTTP server on port 80, I learn from somewhere that it MUST not be run as root for security reason, how to do that? Thank you in advance! (14 Replies)
Discussion started by: kevintse
14 Replies

6. Solaris

How to enable Serial port on ILOM, when Network Port is enabled in parallel

Hi Everyone, In my environment, I have few T5220. On the iLOM Management Card, I have both Network and Serial port are cabled, I don't have any issues while I try to connect using Network Management port, but when I try to connect the serial port for the same server which is actually connected... (3 Replies)
Discussion started by: bobby320
3 Replies

7. Emergency UNIX and Linux Support

Script to check if user can bind, then output to file

Hi, I've been trying to find the answer with no luck. I'm hoping someone can help me. Here's what I need to do: Run a KSH script that will check: 1. Server (Client) Type (AIX 5.3, 6.1, SUSE, and HP-UX are the possibilities). 2. LDAP.cfg is configured correctly and the ldap client... (3 Replies)
Discussion started by: tekster2
3 Replies

8. Solaris

Cabling and adapters to communicate to service processor serial port from Windows PC with USB port.

Hello, I have an unloaded T5140 machine and want to access the ILOM for the first time and subsequently the network port after that., and then load Solaris 10 the final January 2011 build. The first part is what confuses me -the cabling. I am coming from a Windows machine (w/appropriate... (5 Replies)
Discussion started by: joboy
5 Replies

9. Solaris

How to find port number wwn of particular port on dual port HBA,?

please find the below o/p for your reference bash-3.00# fcinfo hba-port HBA Port WWN: 21000024ff295a34 OS Device Name: /dev/cfg/c2 Manufacturer: QLogic Corp. Model: 375-3356-02 Firmware Version: 05.03.02 FCode/BIOS Version: BIOS: 2.02; fcode: 2.01;... (3 Replies)
Discussion started by: sb200
3 Replies

LEARN ABOUT NETBSD

bind

BIND(2) 						      BSD System Calls Manual							   BIND(2)

NAME

     bind -- bind a name to a socket

LIBRARY

     Standard C Library (libc, -lc)

SYNOPSIS

     #include <sys/socket.h>

     int
     bind(int s, const struct sockaddr *name, socklen_t namelen);

DESCRIPTION

     bind() assigns a name to an unnamed socket.  When a socket is created with socket(2) it exists in a name space (address family) but has no
     name assigned.  bind() requests that name be assigned to the socket.  namelen indicates the amount of space pointed to by name, in bytes.

NOTES

     Binding a name in the UNIX domain creates a socket in the file system that must be deleted by the caller when it is no longer needed (using
     unlink(2)).

     The rules used in name binding vary between communication domains.  Consult the manual entries in section 4 for detailed information.

RETURN VALUES

     If the bind is successful, a 0 value is returned.	A return value of -1 indicates an error, which is further specified in the global errno.

ERRORS

     The bind() call will fail if:

     [EBADF]		s is not a valid descriptor.

     [ENOTSOCK] 	s is not a socket.

     [EADDRNOTAVAIL]	The specified address is not available from the local machine.

     [EADDRINUSE]	The specified address is already in use.

     [EINVAL]		The socket is already bound to an address.

     [EINVAL]		The family of the socket and that requested in name->sa_family are not equivalent.

     [EACCES]		The requested address is protected, and the current user has inadequate permission to access it.

     [EFAULT]		The name parameter is not in a valid part of the user address space.

     The following errors are specific to binding names in the UNIX domain.

     [ENOTDIR]		A component of the path prefix is not a directory.

     [ENAMETOOLONG]	A component of a pathname exceeded {NAME_MAX} characters, or an entire path name exceeded {PATH_MAX} characters.

     [ENOENT]		A prefix component of the path name does not exist.

     [ELOOP]		Too many symbolic links were encountered in translating the pathname.

     [EIO]		An I/O error occurred while making the directory entry or allocating the inode.

     [EROFS]		The name would reside on a read-only file system.

     [EISDIR]		An empty pathname was specified.

SEE ALSO

     connect(2), getsockname(2), listen(2), socket(2)

HISTORY

     The bind() function call appeared in 4.2BSD.

SECURITY CONSIDERATIONS

     bind() was changed in NetBSD 1.4 to prevent the binding of a socket to the same port as an existing socket when all of the following is true:
	   o   either of the existing or new addresses is INADDR_ANY,
	   o   the uid of the new socket is not root, and the uids of the creators of the sockets are different,
	   o   the address is not a multicast address, and
	   o   both sockets are not bound to INADDR_ANY with SO_REUSEPORT set.

     This prevents an attack where a user could bind to a port with the host's IP address (after setting SO_REUSEADDR) and 'steal' packets des-
     tined for a server that bound to the same port with INADDR_ANY.

     bind() was changed in NetBSD 4.0 to honor the user's umask when binding sockets in the local domain.  This was done to match the behavior of
     other operating systems, including FreeBSD, OpenBSD, and Linux, and to improve compatibility with some third-party software.  Please note
     that this behavior is not portable.  If you must bind a local socket in a portable and secure way, you need to make a directory with tight
     permissions and then create the socket inside it.

BSD
								  August 30, 2005							       BSD
All times are GMT -4. The time now is 04:13 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy