|
|
Focus on Sun
allowing ordinary users to open privileged ports Sep 02 2004 02:40PM randy calma repasa (rrepasa ekonek com) (6 replies) Re: allowing ordinary users to open privileged ports Sep 10 2004 11:40PM Brian Hatch (bri ifokr org) Re: allowing ordinary users to open privileged ports Sep 06 2004 03:58AM David Meissner (dmeissner jetcity com) (1 replies) RE: allowing ordinary users to open privileged ports Sep 10 2004 01:29PM Phil Eschallier (phil 10types com) (1 replies) Re: allowing ordinary users to open privileged ports Sep 13 2004 02:03PM Reg Quinton (reggers ist uwaterloo ca) RE: allowing ordinary users to open privileged ports Sep 04 2004 02:07PM Alan W. Rateliff, II (lists rateliff net) Re: allowing ordinary users to open privileged ports Sep 04 2004 02:05PM Jason (security brvenik com) |
|
Privacy Statement |
> Has anyone in the list successfully tried allowing ordinary
>users to open privileged (< 1024) ports? We have a solaris 8 on sparc
>machine running an (java) application that normally uses ports > 1024;
>however a client requested the application to use privileged ports
>instead.
>
> This resulted in the application failing to start as the port
>that the application was trying to bind to was < 1024. I've looked for
>methods/workarounds to allow this but have so far come up empty.
In Solaris 9 and before it is not possible to achieve this other than
by running applications as root.
In Solaris 10, you can give users the net_privaddr privilege
which allows them to bind to privilege ports.
Of course, this means that no part of the infrastructure should
depend on reserved port based "authentication".
(I.e., no .rhosts file authentication; no "auth_sys" NFS, etc.)
Casper
[ reply ]