Answer by thx1111 for Allow non-root process to bind to port 80 and 443?
If you are running systemd and linux, then you can simply add to the server unit file:# /etc/systemd/system/http_server.service# ...[Service]# ...AmbientCapabilities = CAP_NET_BIND_SERVICEAnd, if, in...
View ArticleAnswer by Michael Cole for Allow non-root process to bind to port 80 and 443?
What is the simplest thing that could possibly work?A reverse proxy. Nginx is simpler than iptables (for me anyways). Nginx also offers "ssl termination".sudo apt install nginxsudo service nginx start#...
View ArticleAnswer by soleuu for Allow non-root process to bind to port 80 and 443?
Simplest solution : remove all privileged ports on linuxWorks on ubuntu/debian :#save configuration permanentlyecho 'net.ipv4.ip_unprivileged_port_start=0'>...
View ArticleAnswer by noob for Allow non-root process to bind to port 80 and 443?
I have a rather different approach. I wanted to use port 80 for a node.js server. I was unable to do it since Node.js was installed for a non-sudo user. I tried to use symlinks, but it didn't work for...
View ArticleAnswer by Jason C for Allow non-root process to bind to port 80 and 443?
I'm not sure what the other answers and comments here are referring to. This is possible rather easily. There are two options, both which allow access to low-numbered ports without having to elevate...
View ArticleAnswer by JdeBP for Allow non-root process to bind to port 80 and 443?
Dale Hagglund is spot on. So I'm just going to say the same thing but in a different way, with some specifics and examples. ☺The right thing to do in the Unix and Linux worlds is:to have a small,...
View ArticleAnswer by Dale Hagglund for Allow non-root process to bind to port 80 and 443?
Your instincts are entirely correct: it's a bad idea to have a large complex program run as root, because their complexity makes them hard to trust.But, it's also a bad idea to allow regular users to...
View ArticleAllow non-root process to bind to port 80 and 443?
Is it possible to tune a kernel parameter to allow a userland program to bind to port 80 and 443?The reason I ask is I think its foolish to allow a privileged process to open a socket and listen....
View Article
