Timeline for Allow non-root process to bind to port 80 and 443?
Current License: CC BY-SA 4.0
9 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Nov 28, 2023 at 15:09 | comment | added | Emre | "security ... all users can bind all ports" - this a vestigial security feature leftover from the olden days where everyone would share a single computer. At that time the only way to know if you were accessing the real server was to see if it connects on the correct port. Imagine if you ftp into the server thinking you're getting the server but some rogue user on that server decided to set a fake ftp server on port 21, you'd be sending your files to the rogue user instead of the server LOL! Security has improved a lot since those days... and this "security feature" is merely an annoyance. | |
| Mar 20, 2022 at 16:01 | comment | added | Nate-Wilkins | > be careful about security because all users can bind all ports Can someone elaborate why this is bad? | |
| Sep 16, 2021 at 13:39 | comment | added | soleuu | allowing only 80 and 443 is not possible with this method. you can change the value to 80 but it will allow port range 80-1024 for non root users. | |
| Aug 26, 2021 at 2:45 | comment | added | mekb | seems to be the simplest solution, however is there a way to only open 80 and 443 to a certain group? | |
| Apr 23, 2020 at 11:32 | comment | added | Fernando | Nice solution. I have used it for IPv6 and it is working perfectly. Here is what I've done: docs.google.com/document/d/e/… | |
| Sep 13, 2019 at 13:36 | comment | added | jww | That's clever. One small nit: the configuration opens 80 and 443, but it also opens all the other ports. Relaxing permissions on the other ports may not be desired. | |
| Sep 13, 2019 at 7:55 | review | Late answers | |||
| Sep 13, 2019 at 7:56 | |||||
| Sep 13, 2019 at 7:40 | review | First posts | |||
| Sep 13, 2019 at 11:11 | |||||
| Sep 13, 2019 at 7:38 | history | answered | soleuu | CC BY-SA 4.0 |