Solved

Non root user open ports below 1024

Posted on 2004-09-14
8
781 Views
Last Modified: 2013-12-27
Is it possible to allow a non root user permissions to open ports below 1024. I am trying to run an application that needs to listen on port 162 for SNMP traps but if the app is started as a non root user the app doesnt start. If I start is a root it runs okay. Any ideas?
0
Comment
Question by:pmg2004
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 12059644
Is the application something you have control of?

It's common to have process that listens to a privileged port is started as root and then forks off a process as a non priviledged user.
0
 

Author Comment

by:pmg2004
ID: 12059728
The port is actually being opened by a WebLogic startup class, and we are trying to avoid running WebLogic as root. Is it possible to grant permission to the user that starts WebLogic to open port 162?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12059984
> Is it possible to grant permission to the user that starts WebLogic to open port 162?

No. To open a port less than 1024 root privs are required. Of course that doesn't mean that the user must be root since you could make the task suid to root on execution.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 14

Expert Comment

by:chris_calabrese
ID: 12069593
Umm, just because it is possible to create an SNMP agent under WebSphere doesn't mean that it is a good idea....
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12130310
simple question, simple answer: NO.
0
 
LVL 2

Expert Comment

by:Matt_Avery
ID: 12248015
The canonical example of a process that listens on privileged ports as "root" and hands off the connections to other low-privilege processes is of course "inetd". If you can engineer your thingy to run under "inetd", you will avoid re-inventing the wheel.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 12393299
PAQed - no points refunded (of 125)

Computer101
E-E Admin
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question