Hi Khaled, > Is it a good idea to run daemons on non privileged ports as a normal > user (eg. www) then have natd or a firewall redirect the traffic > targetting the privileged port. > > For example: > > A web server running as user www on port 8000. > IPFW, IPNAT, PF or NATD redirecting port 80 to port 8000. > > Is such a soloution a good idea? > I read in man natd that one can redirect traffic comming on the > gateway on port 80 to one or many servers running daemons on non > privileged ports.
Yes it might be a good idea, but again, it depends on your security requirements : any user is able to bind port 8000, so if you have other users on the system, this may not be something to avoid. But FWIW, this would totally remove the need to make a privileged part in your application. Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
