Re: Liberating locked up ports
Re: Liberating locked up ports
- Subject: Re: Liberating locked up ports
- From: Quinn <email@hidden>
- Date: Fri, 24 Jan 2003 14:06:52 +0000
At 13:24 +0100 24/1/03, Bernd Lvhr wrote:
Is there a way to allow an application to listen on port 21 (FTP)
without having to run it as root? A kind of liberating the
imprisoned ports :-)) ?
Our FTP server is tightly integrated into our communication app and
we cannot make it a separate tool. And we do not want to have the
complete app run as root for security reasons, as well.
Does your server use sockets or OT?
If it's sockets (or some technology, like CFSocket, that's layered on
top of sockets), you can use a setuid root helper tool (see my
MoreAuthSample code) to open the file descriptor and bind it to port
21, and then pass that descriptor back to your application via a
local domain socket. Rich Kubota has a not-yet-finished sample that
shows how to do this; if you write to <email@hidden>, he'll probably
give you a pre-release copy.
If you're using the OT APIs, there is no good solution to this problem.
S+E
--
Quinn "The Eskimo!" <
http://www.apple.com/developer/>
Apple Developer Technical Support * Networking, Communications, Hardware
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.