Solved

Non root user open ports below 1024

Posted on 2004-09-14
8
778 Views
Last Modified: 2013-12-27
Is it possible to allow a non root user permissions to open ports below 1024. I am trying to run an application that needs to listen on port 162 for SNMP traps but if the app is started as a non root user the app doesnt start. If I start is a root it runs okay. Any ideas?
0
Comment
Question by:pmg2004
8 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 12059644
Is the application something you have control of?

It's common to have process that listens to a privileged port is started as root and then forks off a process as a non priviledged user.
0
 

Author Comment

by:pmg2004
ID: 12059728
The port is actually being opened by a WebLogic startup class, and we are trying to avoid running WebLogic as root. Is it possible to grant permission to the user that starts WebLogic to open port 162?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12059984
> Is it possible to grant permission to the user that starts WebLogic to open port 162?

No. To open a port less than 1024 root privs are required. Of course that doesn't mean that the user must be root since you could make the task suid to root on execution.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 14

Expert Comment

by:chris_calabrese
ID: 12069593
Umm, just because it is possible to create an SNMP agent under WebSphere doesn't mean that it is a good idea....
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12130310
simple question, simple answer: NO.
0
 
LVL 2

Expert Comment

by:Matt_Avery
ID: 12248015
The canonical example of a process that listens on privileged ports as "root" and hands off the connections to other low-privilege processes is of course "inetd". If you can engineer your thingy to run under "inetd", you will avoid re-inventing the wheel.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 12393299
PAQed - no points refunded (of 125)

Computer101
E-E Admin
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question