best way to bind webserver to port 80 without running as root
Hi all, suddenly I'm facing this quest on freebsd 8. I need to bind my little webserver running aolserver to port 80. In the past I was always using port 8080 and had my router configured to forward requests on port 80 to the server on port 8080. However, I am planning to host my little site on a virtual server with a hosting company and figuredI can't use the workaround I always used. So my question is, how to bind aolserver to port 80 without running as root as I understood ports below 1024 can only be used by root. I found a sysctl net.inet.ip.portrange.reservedhigh which enables me to set it to 0. However, I don't know what the security ramifications are of using that. Are there any other options I could consider? Thanks Dino ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: best way to bind webserver to port 80 without running as root
On 01/04/2012 11:10 AM, Dino Vliet wrote: Hi all, suddenly I'm facing this quest on freebsd 8. I need to bind my little webserver running aolserver to port 80. In the past I was always using port 8080 and had my router configured to forward requests on port 80 to the server on port 8080. However, I am planning to host my little site on a virtual server with a hosting company and figuredI can't use the workaround I always used. So my question is, how to bind aolserver to port 80 without running as root as I understood ports below 1024 can only be used by root. I found a sysctl net.inet.ip.portrange.reservedhigh which enables me to set it to 0. However, I don't know what the security ramifications are of using that. Are there any other options I could consider? Thanks Dino ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac-portacl.html ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: best way to bind webserver to port 80 without running as root
On Wed 2012-01-04 (02:10), Dino Vliet wrote: suddenly I'm facing this quest on freebsd 8. I need to bind my little webserver running aolserver to port 80. In the past I was always using port 8080 and had my router configured to forward requests on port 80 to the server on port 8080. However, I am planning to host my little site on a virtual server with a hosting company and figuredI can't use the workaround I always used. So my question is, how to bind aolserver to port 80 without running?as root as I understood ports below 1024 can only be used by root. I found a sysctl net.inet.ip.portrange.reservedhigh which enables me to set it to 0. However, I don't know what the security ramifications are of using that. Are there any other options I could consider? Hi, if your server isn't able to bind as root and then drop its ownership then you can just run the process on a higher port number and use something like pf or portfwd to forward requests to port 80 to that higher port. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org