Quoting Nadav Har'El, from the post of Tue, 28 Nov: > So can anybody suggest an idea on how to let a non-root process bind port > 80 on Linux?
not without mucking about in the kernel with special priviliges to specific users. What many people do is use (x)inetd or Dan Bernstein's tcpserver to bind to the socket, and forward the session to a process with a different UID, just fork it and hand it two file descriptors to do the rest. works for me with virtual pop and imap servers (no access to real users' homedirs), unpriviliged smtp server, and so on. viva capability starvation! on with the underpriviliged processes! we will execute you at dawn! I like being the dictator of my linux machine, though I'm sure to be the first against the firewall when the revolution(1) comes. apt-get install anarchism -- Weapon of mass destruction Ira Abramov http://ira.abramov.org/email/ ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
