UNIX and ports < 1024

This article was first written in May 2005 for the BeezNest technical
website (http://glasnost.beeznest.org/articles/262).

On UNIX, only the root user can bind to ports < 1024.

This has many implications: most standard network servers have to start as root, because they listen on well-known ports (HTTP, SMTP, POP, IMAP, FTP, …).

To reduce the risk, most of them start as root, open the port(s) they need, and then switch to another user. Apache, for example, works this way.

