Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
07-14-2005, 09:30 AM
|
#1
|
LQ Newbie
Registered: Jul 2005
Posts: 1
Rep:
|
access using port 443
Is the use of port 443 only accessible to root? Specifically, I have monitoring software with a web interface that I want to use https (port 443), however when I run the software, I get an error stating that the port is already in use...
I know that it is not in use (or at least it does not show up in netstat -a), and my thought is that the error is erroneously reporting it is in use when really it might just not have access to it.
Also, it runs ok when I start it as root, but I do not want to run it as root.
any way to get around this?
|
|
|
07-14-2005, 11:13 AM
|
#2
|
LQ Guru
Registered: Sep 2001
Location: Montreal, Canada
Distribution: Slackware; Debian; Gentoo...
Posts: 2,163
Rep:
|
Back in time, some crazy nerds thought it would be a good "security" feature to prevent users to open a port in the 1-1024 range. Therefore, only root can start a program that listen on a port in that range...
|
|
|
07-14-2005, 03:37 PM
|
#3
|
Senior Member
Registered: Nov 2004
Location: Third rock from the Sun
Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1
Posts: 1,197
Rep:
|
At the time it was a dandy security feature. Most 13 year old kids sitting in their basements didn't have the money to go a big iron UNIX machine, so you were pretty much assured that if you were accessing a privileged port that the system owner started the process and that it could be (more or less) trusted.
The networks were a different place back then, even the internet. Before Robert Morris came along and reminded us that there was a whole big world out there, security was more a set of ethics than the business opportunity that it is now.
|
|
|
07-14-2005, 06:48 PM
|
#4
|
Member
Registered: Oct 2004
Posts: 229
Rep:
|
So today servers start as root and then invoke a setuid call to drop root, so they don't become a hazard to the rest of the system.
|
|
|
All times are GMT -5. The time now is 02:50 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|