ports 80 and 443
[261 byte] By [skinfield] at [2007-11-26 11:24:45] 
I know that root is the only user-id that can manage these ports (80 and 443), but right now I need to use other user-id for assiggning these ports (for security reasons) , how can i do this one?, is enough assign one user to root group?thanks!!!!
«« ipf: [ID 872937 kern.notice] NOTICE: Unknown: cmd 0x403 data ffbfc89c
»» Posix for DS users created by IdSync.
»» Posix for DS users created by IdSync.
# 1
Check the system tunables guide on docs.sun.com. IIRC it's something like minimum priveleged port.alanalanpae at 2007-7-7 3:40:16 >
# 2
I believe that with that tunable you can increase the value, but not decrease it. You can also assign specific ports to be privilged, but not release low ones.In Solaris 10, you could give a process or project the privilege of binding to privileged ports. -- DarrenDarren_Dunham at 2007-7-7 3:40:16 >
# 3
> I believe that with that tunable you can increase the
> value, but not decrease it. You can also assign
> specific ports to be privilged, but not release low
> ones.
http://www.sun.com/blueprints/1299/network.pdf
Page 20 shows an example of bumping it up, but I don't see why you couldn't do it in the reverse.
Anyway, I took a quick look at the Solaris 10 doc set and it would appear that that tunable no longer exists.
alan
alanpae at 2007-7-7 3:40:16 >
# 4
> > I believe that with that tunable you can increase
> the
> > value, but not decrease it. You can also assign
> > specific ports to be privilged, but not release
> low
> > ones.
>
> http://www.sun.com/blueprints/1299/network.pdf
>
> Page 20 shows an example of bumping it up, but I
> don't see why you couldn't do it in the reverse.
It's not explicitly mentioned, but if you try with 'ndd', it won't let you lower that number below 1024. The section is on "adding" ports to the list, not removing them.
There's no way to do this without being root or running solaris 10 (where you can use the net_privaddr privilege).
--
Darren
Darren_Dunham at 2007-7-7 3:40:16 >
# 5
> but if you try with> 'ndd', it won't let you lower that number below 1024.Something to do next March I guess.thanks,alanalanpae at 2007-7-7 3:40:16 >
# 6
What does next March refer to?-- DarrenDarren_Dunham at 2007-7-7 3:40:16 >
# 7
> What does next March refer to?
Despite some people's best(worst?) efforts, I'll have a laptop again next March. Then I can test this for myself. Just met another idiot who's going to jail on my way over to write this message. These people are much to obvious and predictable.
alan
alanpae at 2007-7-7 3:40:16 >
General New Topic
- dhcp configuration
- How do I use ufsdump to clone a larger scsi disk from a smaller scsi disk?
- DNS configuration steps in solaris 9.0
- What is the best (fastest?) partition config for the root file system?
- Open SSL Upgradation.
- SVM Disk Mirror question
- Solaris 10 OS, x86,-media
- Error : ld.so.1: mv: fatal: libsec.so.1: version
General Hot Topic
- Root disk encapsulation - VxVM question
- apply a patch which is a diff file
- How to enable the HP DAT72 Tape Drive's hardware compress function?
- Suspend operation failed on Solaris 9
- Solaris 10, ssh and users without password
- Dual Core Processors
- SunFire V880 hanging on reboot
- Sendmail, configure for no hostname in from.
General
All Classified
- Archived Forums
- Enterprise & Remote Computing
- Java Essentials
- Desktop
- Core
- Solaris Operating System
- Security
- Database Connectivity
- Java Mobility Forums
- Web & Directory Servers
- Development Tools
- Application & Integration Servers
- Java HotSpot Virtual Machine
- Other Topics
- E-Mail, Calendar, & Collaboration
- Developer Tools
- General
- Administration Tools
- Sun Hardware
- Storage Forums
- Java Enterprise System
- StarOffice
- Open Source Technologies
- BigAdmin
- Real-Time
- Java Coding