How to give the permission to an executable to take the port 80 on Linux?

About

On Unix-based systems, the default HTTP port 80 is only available to program (executable) started by the root user.

For security reasons, it is not desirable to run the server as root (if the program got hacked for instance).

This page shows you two options on how to give access to a program without starting it as root.

Option

cap_net_bind_service

The first option is to give permission (capabilities) to the executable via setcap 

sudo setcap 'cap_net_bind_service=+ep' /path/to/your/executable
# To delete the permission
sudo setcap -r /path/to/your/executable

redirect

Or you can redirect the port. If you're program is listening on the port 3000, you can redirect it with the following iptables command 

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000

Documentation / Reference




Discover More
Bash Liste Des Attaques Ovh
Linux - File

Linux file management See Using Parameters Expansion Removal From a path string where the file does not exist dirname returns the first parent of an existing path file. ...



Share this page:
Follow us:
Task Runner