Re: allowing ordinary users to open privileged ports

From: Brian Hatch (bri_at_ifokr.org)
Date: 09/11/04

  • Next message: Reg Quinton: "Re: allowing ordinary users to open privileged ports"
    Date: Fri, 10 Sep 2004 16:40:53 -0700
    To: randy calma repasa <rrepasa@ekonek.com>
    
    
    

    > Has anyone in the list successfully tried allowing ordinary
    > users to open privileged (< 1024) ports? We have a solaris 8 on sparc
    > machine running an (java) application that normally uses ports > 1024;
    > however a client requested the application to use privileged ports
    > instead.

    Could you keep the app running on it's existing high numbered
    port and have a process redirect traffic to it from the low
    numbered port? rinetd listening on port 800, redirecting to
    port 8888 for example. Could do the same thing with tcp
    stack games depending on what you have available too, or on
    a firewall/etc that's in front of it.

    -- 
    Brian Hatch                  The Schroedinger petshop
       Systems and                is currently closed, due
       Security Engineer          to unforseen circumstances.
    http://www.ifokr.org/bri/
    Every message PGP signed
    
    



  • Next message: Reg Quinton: "Re: allowing ordinary users to open privileged ports"

    Relevant Pages

    • Re: UDP & security
      ... that could be because some other program is listening on the same port. ... possibly a second instance of your app running?? ... > I am thinking this is privledge related to the users profile. ...
      (microsoft.public.win2000.security)
    • Non-80 Port Number and Web Controls
      ... I have an ASP.Net app running on localhost:9090. ... to my test.aspx form the tag gets to the browser has it's ... Shouldn't ASP.NET recognize the port that the application is running on ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: Non-80 Port Number and Web Controls
      ... always go to the current domain and port. ... it is the browser that sends the form or processes links. ... >I have an ASP.Net app running on localhost:9090. ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: Converting ipchains rules to iptables!
      ... > # Deny TCP and UDP packets to privileged ports ... When referring to a port in iptables, you refer to either destination port ... This wont let *any* *new* packets in on $EXTIF, you just put your holes in ...
      (comp.security.firewalls)
    • Re: cant bind to port: 80 Permission denied
      ... I try to run a webserver on my machine, but when I start it, it tell ... me that it cannot bind to port 80. ... are privileged ports available to root code ... tauno voipio iki fi ...
      (comp.os.linux.networking)