Timeline for Why are the first 1024 ports restricted to the root user only?
Current License: CC BY-SA 3.0
13 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Dec 25, 2023 at 11:21 | comment | added | SOFe | it doesn't make sense that only root can listen on a port, but it makes sense to ensure that a user can exclusively own a port. | |
| Dec 24, 2023 at 10:53 | comment | added | omni | @SOFe And for the second part: what do you mean by "reasonable for applications that are actually root only"? What security benefit exactly do you gain by telling the kernel "only a root app can listen on this port?" | |
| Dec 24, 2023 at 10:50 | comment | added | omni | @SOFe sure you run modern applications differently. People started building best practises around those stupid legacy decissions. That doesn't make those decissions less stupid thought. I don't get your argument. Someone shit's on the street and instead of pointing him to a toilet you claim it's not an issue as long as everyone walks around it. | |
| Aug 29, 2023 at 6:49 | comment | added | SOFe |
That said, this argument only makes sense for application-level protocols like HTTP and HTTPS, but privileged ports are still reasonable for applications that are actually root only, tho probably better implemented as user-owned ports (something like chown root /sys/ports/22?) than a magic number 1024.
|
|
| Aug 29, 2023 at 6:42 | comment | added | SOFe |
@omni most people just run nginx on port 80 though, which either runs workers as www-data or forwards to another (non-root) application, so such exploits often have to be in nginx's root module itself, which are not exactly so common. On the other hand, most modern deployments just use iptables or tools using iptables like container networks. (Most modern port 80 deployments are just simple webpage servers that would be using cloud hosting anyway) (I just realized this answer was 12 years ago)
|
|
| Sep 15, 2018 at 0:37 | comment | added | omni | This nonsense should long be gone from the kernel. No port number should have any special meaning. The "reasoning" behind that design is long outdated (I'd think it was controversial even at design time). But what's worse then the idea of any special number ranges that are "trustworthy" are the implications. Webservers need to be executed as root just to serve webpages. A single exploit and the hole server is gone. And what for? For legacy design that never even slightly worked. | |
| Jul 13, 2011 at 10:38 | comment | added | Rory Alsop | Certainly in enterprise scenarios it gives an excellent solution, and as @Gilles said, services bind the port then drop privs. | |
| Jul 13, 2011 at 7:11 | comment | added | Gilles 'SO- stop being evil' | @Amazed It can still occasionally be useful today, on local networks. I don't think it leads to more servers running as root, services can bind the port then drop privileges, or use capabilities if available, or the admin can redirect a port on the firewall configuration. I don't think it would be put in if unix was designed today, but it doesn't hurt. | |
| Jul 13, 2011 at 4:10 | comment | added | Andrew Lambert | @dmckee it could also be argued that such a design leads to more servers running as root, even if they have the option of running on alternate ports. | |
| Jul 13, 2011 at 2:47 | comment | added | dmckee --- ex-moderator kitten | @Amazed: The unix world is conservative, so the question to ask is "Does it cause any real trouble?" (and it should be answered in the full knowledge that every sever worth running has a command line argument to change the port). | |
| Jul 13, 2011 at 1:10 | comment | added | Andrew Lambert | So, sort of a poor-man's authentication, then? Does this convention have any real benefit in modern *nix-like operating systems? | |
| Jul 13, 2011 at 1:09 | vote | accept | Andrew Lambert | ||
| Jul 13, 2011 at 0:42 | history | answered | Gilles 'SO- stop being evil' | CC BY-SA 3.0 |