LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
Search this Thread
Old 05-05-2009, 03:42 PM   #1
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Rep: Reputation: 49
need permission for apache-launched daemon to bind on port under 1024


I have written a flash socket security file server in PHP. The basic idea is that when Flash Player connects via socket to a server, the first thing it does is connect to port 843 and send a request for a 'socket policy file' by sending the string <policy-file-request/>.

The problem I have is that in order to launch this daemon script, I apparently need root level access in order to bind a socket to any port under 1024.

Can anyone recommend some way to let this php script bind to port 843 without needing root-level access? That seems like a big security risk to me -- especially if I want to launch this daemon using a php page hosted by apache. giving apache root-level access sounds like a VERY BAD idea.
 
Old 05-05-2009, 06:18 PM   #2
bigearsbilly
Senior Member
 
Registered: Mar 2004
Location: england
Distribution: FreeBSD, Debian, Mint, Puppy
Posts: 3,276

Rep: Reputation: 170Reputation: 170
apache is always started by root ain't it.
is on my BSD anyway.
I don't think non root can open such a port.
 
Old 05-05-2009, 08:56 PM   #3
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Original Poster
Rep: Reputation: 49
i know that one way to get permission to open on port less than 1024 is to sudo as root.

another is to su root and do it first.

there are also other ways like sudoers. I've also heard that you can use some kind of ip table thing which would either reroute 843 requests to some other port about 1024 or something. I don't really know.

Any tips would be helpful. I'm still searching. Someone had suggested turning my daemon thing into a startup process like apache or mysql which launches are root then relinquishes permissions once it is rolling.

Last edited by sneakyimp; 12-19-2009 at 01:08 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Allowing non-root to bind to ports < 1024? MWTJ Linux - Networking 8 08-12-2011 07:06 PM
"apache startssl" fails: can't bind port 443 mrjamin Linux - Software 4 07-04-2005 11:09 AM
permission erros on reloading apache and bind Pauly Red Hat 1 04-06-2005 05:52 AM
xinetd launched ssh port forwarding tommyr1216 Linux - Software 0 01-20-2005 07:53 PM
how to bind a <1024 port number with a non root users linuxlouis Linux - Networking 0 08-11-2003 11:10 AM


All times are GMT -5. The time now is 03:18 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration