Solved

Non root user open ports below 1024

Posted on 2004-09-14
8
784 Views
Last Modified: 2013-12-27
Is it possible to allow a non root user permissions to open ports below 1024. I am trying to run an application that needs to listen on port 162 for SNMP traps but if the app is started as a non root user the app doesnt start. If I start is a root it runs okay. Any ideas?
0
Comment
Question by:pmg2004
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 12059644
Is the application something you have control of?

It's common to have process that listens to a privileged port is started as root and then forks off a process as a non priviledged user.
0
 

Author Comment

by:pmg2004
ID: 12059728
The port is actually being opened by a WebLogic startup class, and we are trying to avoid running WebLogic as root. Is it possible to grant permission to the user that starts WebLogic to open port 162?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12059984
> Is it possible to grant permission to the user that starts WebLogic to open port 162?

No. To open a port less than 1024 root privs are required. Of course that doesn't mean that the user must be root since you could make the task suid to root on execution.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 14

Expert Comment

by:chris_calabrese
ID: 12069593
Umm, just because it is possible to create an SNMP agent under WebSphere doesn't mean that it is a good idea....
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12130310
simple question, simple answer: NO.
0
 
LVL 2

Expert Comment

by:Matt_Avery
ID: 12248015
The canonical example of a process that listens on privileged ports as "root" and hands off the connections to other low-privilege processes is of course "inetd". If you can engineer your thingy to run under "inetd", you will avoid re-inventing the wheel.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 12393299
PAQed - no points refunded (of 125)

Computer101
E-E Admin
0

Featured Post

Enroll in June's Course of the Month

June's Course of the Month is now available! Every 10 seconds, a consumer gets hit with ransomware. Refresh your knowledge of ransomware best practices by enrolling in this month's complimentary course for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question