Home page logo

basics logo Security Basics mailing list archives

RE: Reserved Ports and non-superuser Daemons
From: "Emilio Morla" <emilio.morla () grupositel com mx>
Date: Thu, 6 Dec 2007 11:43:52 -0600

The explanation is quite simple. The socket is binded by root at the start
of the daemon, and then switch to a non-privileged user. Thats the case with
apache, it starts as root and then witches to http or apache UID and GID.

Warm regards 

Ing. Emilio Morla
Phone: +52 (55) 51333385
E-mail: emilio.morla () grupositel com mx

Grupo Sitel de México
Redes y Seguridad
En la inmensidad del tiempo y en la latitud del cosmos, mi dicha fue haber
compartido una época y un planeta con ustedes.
Carl Sagan

-----Mensaje original-----
De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En
nombre de Arrav
Enviado el: Jueves, 06 de Diciembre de 2007 11:26 a.m.
Para: security-basics () securityfocus com
Asunto: Reserved Ports and non-superuser Daemons


The book UNIX Socket Programming 3d edition volume one specifies that in
UNIX, ports between 0 - 1023 are reserved ports, and can only be used by a
program running with super user privs.
I know lots of servers are binding to ports beneath 1024, and they obviously
don't have root privileges since this would be stupid security wise. I also
don't believe they have the suid bit on, because of the same issue.

I wonder if someone could explain that to me.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]