Professional Web Applications Themes

Port 80 ownership change to non-ROOT - Linux / Unix Administration

Anyone knows how to change the ownership on port 80 for IBM Websphere's http processes at the Solaris 10 server ? Currently, port 80 is owned by root. We want to make it owned by some other non-root user. Is this do-able ? If yes, please let us know how. If not, what is the work-around so I could have a cleaner URL which does not include a random preset port number. Thanks, Bill...

  1. #1

    Default Port 80 ownership change to non-ROOT

    Anyone knows how to change the ownership on port 80 for IBM Websphere's
    http processes at the Solaris 10 server ?

    Currently, port 80 is owned by root. We want to make it owned by some
    other non-root user. Is this do-able ?

    If yes, please let us know how. If not, what is the work-around so I
    could have a cleaner URL which does not include a random preset port
    number.


    Thanks,

    Bill

    underh20 Guest

  2. #2

    Default Re: Port 80 ownership change to non-ROOT

    On 30 Mar 2006 16:05:46 -0800, underh20 <com> wrote: 

    I _think_ you're asking slightly the wrong question. You want the
    webserver process to run as other than root as your goal here, right?
    In the websphere webserver config (which is just apache, really), you
    can say who the httpd is going to run as, both user and group. Set the
    doent root's permissions accordingly. I don't think there's any
    reason to have the port itself "owned" by anyone; in a few hundred
    webserver installs, I've never done such a thing. Content, yes. You
    don't want httpd running as root, yes. Diddling around with ports? I
    wouldn't.

    Dave Hinz

    Dave Guest

  3. #3

    Default Re: Port 80 ownership change to non-ROOT

    Dave Hinz <net> writes: [/ref]
    [...] 

    However, there is a long-standing RFE for just that feature -- the
    ability to mark some ordinarily-privileged ports as non-privileged:

    CR 4763821 would like method to specify a port lower than 1024 as
    unprivileged

    It's also worthwhile to point out that in Solaris 10, you don't need
    to be root at all to open those ports, so the original question was
    incomplete. You merely need to have the PRIV_NET_PRIVADDR privilege
    granted to the process. See privileges(5) and the various RBAC-
    related pages (such as exec_attr(4)) for hints about how to go about
    doing this.

    --
    James Carlson, KISS Network <com>
    Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
    James Guest

Similar Threads

  1. Ownership change for Algorithm::Diff
    By Andrew Chadwick in forum PERL Modules
    Replies: 0
    Last Post: August 21st, 05:46 PM
  2. File ownership - root vs. ???
    By bad_knee in forum Linux / Unix Administration
    Replies: 4
    Last Post: March 3rd, 12:35 AM
  3. Change Profile Ownership in XP: Help?
    By George in forum Windows Setup, Administration & Security
    Replies: 1
    Last Post: July 5th, 07:11 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139