I made a simple mail program which needs to listen on ports 25 and 110, but I found it's impossible. After searching with Google I found that a non-root user can't listen on ports under 1024. At first I tried a script (which launches my program) and used setuid, but that still didn't work. Is there any way to handle this? Thanks for any help.
> At first I tried a script (which launches my program) and used setuid, but that still didn't work.
You can't suid bash scripts. It's a security feature. Your other options would be to write a wrapper in something such as C or Perl to change what user the script runs as.
j
-- Jason Bradley Nance What would you cry for? aitrus@tresgeek.net Swallow your pride for? Tres Geek What would you go wild for? http://tresgeek.net/ -Poe, "Wild" --
On Thu, Jul 06, 2006 at 08:56:17AM +0800, dxuranus wrote:
> I made a simple mail program which needs to listen on ports 25 and 110, but I found it's impossible. After searching with Google I found that a non-root user can't listen on ports under 1024. At first I tried a script (which launches my program) and used setuid, but that still didn't work. Is there any way to handle this? Thanks for any help.
Yes, that is correct. It is impossible, on the Unix model, for a non-root program to listen to a privileged port (<1024).
The best solution is for the program to start as root, bind to the port, then lower its privileges using the setuid() family of functions. I particularly enjoy setreuid().
-- Rodrigo Barbosa "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
You can also use iptables to redirect the packets:
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d <your ip> --dport 25 -j REDIRECT --to-port <high port your script listens on>
I've used this for Java programs in the past.
----- Original Message ----- From: "dxuranus" dxuranus@gmail.com To: "centos" CentOS@centos.org Sent: Wednesday, July 05, 2006 7:56 PM Subject: [CentOS] [Fwd: How to listen port under 1024 with non-root user]
I made a simple mail program which needs to listen on ports 25 and 110, but I found it's impossible. After searching with Google I found that a non-root user can't listen on ports under 1024. At first I tried a script (which launches my program) and used setuid, but that still didn't work. Is there any way to handle this? Thanks for any help.