Kragen Sitaker  kragen@pobox.com
Wed, 16 Jan 2002 03:38:02 -0500 (EST)


In Unix, many of the bigger violations of the principle of least
privilege stem from the rule that only root can bind to TCP or UDP
ports below 1024.  Many network daemons run as root just so they can
do this.

This pair of programs illustrates how you can have a small, simple
program bind to the port and accept connections, while the program
that actually handles inbound connections can remain unprivileged.
After I wrote this, I realized that it would probably be more sensible
to have the small, simple program bind to the port and pass the file
descriptor for the listening socket to the other program, but as it
is, it passes the existing connections over instead.  (There's some
weak justification for this in the comments in the program.)

There are other reasons you might want to transmit open file
descriptors to other programs.
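The mechanism the two programs rely on is SCM_RIGHTS: a process writes a descriptor into the ancillary data of a sendmsg() call on a Unix-domain socket, and the kernel installs a duplicate of it in the receiving process. The following is an added example of that exchange, written here rather than taken from portlisten or hellofdpass (whose source is not in this message); send_fd, recv_fd and pass_fd_roundtrip are names chosen for the example, and a socketpair() plus a pipe stand in for the named Unix socket and the accepted TCP connections the real programs would use.

```c
/* Added example: passing an open file descriptor between processes over a
 * Unix-domain socket with sendmsg()/recvmsg() and an SCM_RIGHTS control
 * message.  Not the portlisten/hellofdpass source; send_fd and recv_fd are
 * names chosen for this example. */
#include <sys/socket.h>
#include <sys/types.h>
#include <string.h>
#include <stdio.h>
#include <unistd.h>

/* Send one open descriptor over the connected Unix-domain socket `sock`.
 * Returns 0 on success, -1 on error.  The kernel duplicates the descriptor
 * into the receiver at sendmsg() time, so the sender may close its copy. */
int send_fd(int sock, int fd_to_send)
{
    struct msghdr msg;
    struct iovec iov;
    char byte = 'F';                      /* ancillary data needs >= 1 byte of payload */
    char cbuf[CMSG_SPACE(sizeof(int))];   /* room for exactly one descriptor */
    struct cmsghdr *cmsg;

    memset(&msg, 0, sizeof msg);
    memset(cbuf, 0, sizeof cbuf);
    iov.iov_base = &byte;
    iov.iov_len = 1;
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
    msg.msg_control = cbuf;
    msg.msg_controllen = sizeof cbuf;

    cmsg = CMSG_FIRSTHDR(&msg);
    cmsg->cmsg_level = SOL_SOCKET;
    cmsg->cmsg_type = SCM_RIGHTS;
    cmsg->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(cmsg), &fd_to_send, sizeof(int));

    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive one descriptor from `sock`.  Returns the new local descriptor, or
 * -1 if the message carried no SCM_RIGHTS data: a peer can always send plain
 * bytes, so the unprivileged side checks the control message type rather
 * than assuming a descriptor arrived. */
int recv_fd(int sock)
{
    struct msghdr msg;
    struct iovec iov;
    char byte;
    char cbuf[CMSG_SPACE(sizeof(int))];
    struct cmsghdr *cmsg;
    int fd = -1;

    memset(&msg, 0, sizeof msg);
    iov.iov_base = &byte;
    iov.iov_len = 1;
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
    msg.msg_control = cbuf;
    msg.msg_controllen = sizeof cbuf;

    if (recvmsg(sock, &msg, 0) <= 0)
        return -1;
    for (cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
        if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS &&
            cmsg->cmsg_len == CMSG_LEN(sizeof(int))) {
            memcpy(&fd, CMSG_DATA(cmsg), sizeof(int));
            break;
        }
    }
    return fd;
}

/* Round trip in one process: the "privileged" end writes `text` into a pipe
 * and hands the pipe's read end across a socketpair; the "unprivileged" end
 * receives a fresh descriptor and reads through it.  Returns the number of
 * bytes read into `out`, or -1 on failure. */
int pass_fd_roundtrip(const char *text, char *out, size_t outlen)
{
    int sv[2], p[2], received;
    ssize_t n;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0 || pipe(p) < 0)
        return -1;
    if (write(p[1], text, strlen(text)) != (ssize_t)strlen(text))
        return -1;
    close(p[1]);
    if (send_fd(sv[0], p[0]) < 0)
        return -1;
    close(p[0]);                          /* sender's copy is no longer needed */
    received = recv_fd(sv[1]);
    if (received < 0)
        return -1;
    n = read(received, out, outlen - 1);  /* reads from the pipe via the passed fd */
    if (n < 0)
        return -1;
    out[n] = '\0';
    close(received);
    close(sv[0]);
    close(sv[1]);
    return (int)n;
}

int main(void)
{
    char buf[64];
    int n = pass_fd_roundtrip("hello, world\n", buf, sizeof buf);
    if (n < 0) { perror("fd passing failed"); return 1; }
    printf("read %d bytes through the passed descriptor: %s", n, buf);
    return 0;
}
```

In the deployment the post describes, the loop in recv_fd is what keeps the unprivileged program honest: it only treats the message as a connection if the control data really is SCM_RIGHTS, and it sized cbuf for a single descriptor so a peer cannot hand it an unexpected batch. The received descriptor is a new number in the receiver and shares the open file (offset, socket state) with the sender's copy, which is why the privileged side can close its own copy immediately after sendmsg() returns.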


Here's a demo script:
#!/bin/sh
# These programs won't work if you don't have Unix.  Really.

make hellofdpass portlisten || exit

./portlisten 10000 socket &
listenpid=$!

./hellofdpass socket "hello, world
" &
hellopid=$!

telnet localhost 10000

kill $listenpid $hellopid
wait; wait