-   Programming (
-   -   need permission for apache-launched daemon to bind on port under 1024 (

sneakyimp 05-05-2009 04:42 PM

need permission for apache-launched daemon to bind on port under 1024
I have written a flash socket security file server in PHP. The basic idea is that when Flash Player connects via socket to a server, the first thing it does is connect to port 843 and send a request for a 'socket policy file' by sending the string <policy-file-request/>.

The problem I have is that in order to launch this daemon script, I apparently need root level access in order to bind a socket to any port under 1024.

Can anyone recommend some way to let this php script bind to port 843 without needing root-level access? That seems like a big security risk to me -- especially if I want to launch this daemon using a php page hosted by apache. giving apache root-level access sounds like a VERY BAD idea.

bigearsbilly 05-05-2009 07:18 PM

apache is always started by root ain't it.
is on my BSD anyway.
I don't think non root can open such a port.

sneakyimp 05-05-2009 09:56 PM

i know that one way to get permission to open on port less than 1024 is to sudo as root.

another is to su root and do it first.

there are also other ways like sudoers. I've also heard that you can use some kind of ip table thing which would either reroute 843 requests to some other port about 1024 or something. I don't really know.

Any tips would be helpful. I'm still searching. Someone had suggested turning my daemon thing into a startup process like apache or mysql which launches are root then relinquishes permissions once it is rolling.

All times are GMT -5. The time now is 10:50 AM.