HPE Community
Operating System - HP-UX
1836973 Members
2562 Online
110111 Solutions
New Discussion

Re: Can any user bind port <1024

 
KapilRaj
Honored Contributor

‎09-20-2002 10:06 AM

‎09-20-2002 10:06 AM

Can any user bind port <1024

Chaps,

I hv a doubt & it goes as follows,

-- Can any user bind port number less than 1024
-- If i start an application (tomcat-servelett engine) to listen on port 80 by a normal user, Is that going to fail ?

Kapil Raj
Nothing is impossible
0 Kudos
Reply
8 REPLIES 8
Jordan Bean
Honored Contributor

‎09-20-2002 10:08 AM

‎09-20-2002 10:08 AM

Re: Can any user bind port <1024

Only superuser can bind port < 1024.
0 Kudos
Reply
KapilRaj
Honored Contributor

‎09-20-2002 10:15 AM

‎09-20-2002 10:15 AM

Re: Can any user bind port <1024

Are you sure on that ?. I hv an application called OAS (Oracle application Server) listening on port 80. It is started by a normal user.

Kapil
Nothing is impossible
0 Kudos
Reply
Jordan Bean
Honored Contributor

‎09-20-2002 10:29 AM

‎09-20-2002 10:29 AM

Re: Can any user bind port <1024


Yes. Only superuser can bind port < 1024.

OAS is either invoked by root to bind the port before it changes to another user, or the application uses setuid execution.

0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎09-20-2002 10:29 AM

‎09-20-2002 10:29 AM

Re: Can any user bind port <1024

Hi:

The so-called "well-known-ports" fall into the range below 1024 and cannot be bound unless the *effective* uid of the process is root's.

Regards!

...JRF...

0 Kudos
Reply
KapilRaj
Honored Contributor

‎09-20-2002 10:37 AM

‎09-20-2002 10:37 AM

Re: Can any user bind port <1024

ok guys,

if u masters are so confident on it . I still hv to convince myself & the only way to accomplish that is to check up how OAS is started in my environment.

kaps
Nothing is impossible
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

‎09-20-2002 10:43 AM

‎09-20-2002 10:43 AM

Re: Can any user bind port <1024

Yup. He's right.

From /usr/include/netinet/in.h


/*
* Ports < IPPORT_RESERVED are reserved for
* privileged processes (e.g. root).
* Ports > IPPORT_USERRESERVED are reserved
* for servers, not necessarily privileged.
*/
#define IPPORT_RESERVED 1024

Make sure your effective UID isn't really root (e.g. is the program setuid?).
0 Kudos
Reply
Anil C. Sedha
Trusted Contributor

‎09-20-2002 11:24 AM

‎09-20-2002 11:24 AM

Re: Can any user bind port <1024

Kapil

Only superuser binds ports less than 1024.

Now, do you have any entry for OAS in your /etc/inetd.conf file for a lower port number.

I believe your OAS application is executed using super user rights while startup if it doesn't start using inetd.

Regards,
Anil
If you need to learn, now is the best opportunity
0 Kudos
Reply
Sean OB_1
Honored Contributor

‎09-21-2002 04:52 AM

‎09-21-2002 04:52 AM

Re: Can any user bind port <1024

All ports below 1024 are reserved for root processes.

No user can bind to a port below that unless they use setuid.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.