Re: Apple-approved way to listen on well known ports?
Re: Apple-approved way to listen on well known ports?
- Subject: Re: Apple-approved way to listen on well known ports?
- From: Quinn <email@hidden>
- Date: Thu, 25 Sep 2003 22:02:46 +0100
At 13:51 -0400 25/9/03, Doug Hill wrote:
What are my options to get my product listening on port 21 w/o being logged
in as root? What is the Apple-approved [tm] way?
The Apple-approved way is shown in MoreSCF.
<
http://developer.apple.com/samplecode/Sample_Code/Security/MoreAuthSample.htm>
You need to use a setuid root helper tool to open the port and pass
the descriptor back to your application via descriptor passing on a
Unix domain socket.
Note that this mechanism is incompatible with use of the Open
Transport API (which it seems that you're using). There's no
supported way to wrap the returned socket into an OT endpoint.
There really isn't any good solution for an OT-based product. The
best you can do is to write a sockets-based tool that forwards
connections to a non-privileged port, but that isn't exactly ideal
(data goes in and out of the kernel twice).
S+E
--
Quinn "The Eskimo!" <
http://www.apple.com/developer/>
Apple Developer Technical Support * Networking, Communications, Hardware
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.