Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Non root user open ports below 1024

Posted on 2004-09-14
8
Medium Priority
?
807 Views
Last Modified: 2013-12-27
Is it possible to allow a non root user permissions to open ports below 1024. I am trying to run an application that needs to listen on port 162 for SNMP traps but if the app is started as a non root user the app doesnt start. If I start is a root it runs okay. Any ideas?
0
Comment
Question by:pmg2004
7 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 12059644
Is the application something you have control of?

It's common to have process that listens to a privileged port is started as root and then forks off a process as a non priviledged user.
0
 

Author Comment

by:pmg2004
ID: 12059728
The port is actually being opened by a WebLogic startup class, and we are trying to avoid running WebLogic as root. Is it possible to grant permission to the user that starts WebLogic to open port 162?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12059984
> Is it possible to grant permission to the user that starts WebLogic to open port 162?

No. To open a port less than 1024 root privs are required. Of course that doesn't mean that the user must be root since you could make the task suid to root on execution.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 14

Expert Comment

by:chris_calabrese
ID: 12069593
Umm, just because it is possible to create an SNMP agent under WebSphere doesn't mean that it is a good idea....
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12130310
simple question, simple answer: NO.
0
 
LVL 2

Expert Comment

by:Matt_Avery
ID: 12248015
The canonical example of a process that listens on privileged ports as "root" and hands off the connections to other low-privilege processes is of course "inetd". If you can engineer your thingy to run under "inetd", you will avoid re-inventing the wheel.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 12393299
PAQed - no points refunded (of 125)

Computer101
E-E Admin
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Suggested Courses
Course of the Month14 days, 13 hours left to enroll

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question