Re: Bind permissions

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Tue, 25 Feb 1997 18:05:02 +0000 (GMT)


On Tue, 25 Feb 1997, BuckshoT wrote:

> Where do I set permissions for the bind command?
> Right now, only root can bind to ports below 1024. Is there a way to let
> another user (without giving them root permissions) bind to a port below
> 1024???
>
> Thanks in advance...

This is an idea I played with a little while ago, based upon an idea seen
on the kernel wish list home page... in the context of hopefully reducing
the amount of suid programs and/or programs run as root (dump, rcp,
rlogin, lpd, etc).

There are two approaches...

1) POSIX.6 (or whatever the newer, proper name is). A promising idea but
whoever was working on it hasn't said much recently....?

2) A table of owners for each port under 1024, maintained in kernel space
and settable with new calls/ioctls/etc. At boot-time a program can run and
set, e.g., port 25 owned by sendmail, 80 by httpd... etc.. etc.. amount of
things running as root drops drastically.

Option 2 would actually be trivial to implement once the API for
getting/setting port ownerships was decided, but isn't really standard so
would it get into the kernel proper??

Cheers,
Chris
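
Added example, not part of the original message and not kernel code: a user-space C model of the per-port owner table described in option 2, showing the check that bind() would make. All function names, the NO_OWNER sentinel, and the uids 8 and 33 are hypothetical and constructed for illustration.

```c
/* User-space model of a per-port owner table; all names are hypothetical. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define PROT_PORTS 1024            /* ports 1..1023 are the restricted range */
#define NO_OWNER   ((uint32_t)-1)  /* sentinel: no owner assigned, root only */

static uint32_t port_owner[PROT_PORTS];

/* Run once at start-up: every restricted port begins unowned. */
void port_table_init(void)
{
    for (int p = 0; p < PROT_PORTS; p++)
        port_owner[p] = NO_OWNER;
}

/* Model of the "set" call: only uid 0 may assign or clear an owner. */
int port_set_owner(uint32_t caller_uid, int port, uint32_t owner_uid)
{
    if (port <= 0 || port >= PROT_PORTS)
        return -EINVAL;
    if (caller_uid != 0)
        return -EPERM;
    port_owner[port] = owner_uid;
    return 0;
}

/* Model of the check made at bind time: 0 if allowed, -errno otherwise. */
int port_may_bind(uint32_t uid, int port)
{
    if (port < 0 || port > 65535)
        return -EINVAL;
    if (port == 0 || port >= PROT_PORTS)  /* 0 = ephemeral; >=1024 unrestricted */
        return 0;
    if (uid == 0 || (uid != NO_OWNER && port_owner[port] == uid))
        return 0;                         /* root, or the registered owner */
    return -EACCES;
}

int main(void)
{
    port_table_init();
    port_set_owner(0, 25, 8);             /* constructed: uid 8 owns port 25 */
    printf("uid 8 -> port 25: %d\n", port_may_bind(8, 25));
    printf("uid 33 -> port 25: %d\n", port_may_bind(33, 25));
    return 0;
}
```

Unowned ports stay root-only in this model, so a system that never populates the table behaves exactly as before.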