I want to run a web server on my Mac as a non-root process. Normally only root processes can bind to port 80 (or to any port below 1024).
Can I open port 80 specifically so that non-root processes can listen on it?
macosNetworksoftware
I want to run a web server on my Mac as a non-root process. Normally only root processes can bind to port 80 (or to any port below 1024).
Can I open port 80 specifically so that non-root processes can listen on it?
Best Answer
This is difficult to do by design, and unless you have root access to your machine none of the following will work as they require root to setup the changes. Once changed, though, userspace programs will have access without having root.
There are two common ways to accomplish this, and which you choose will depend on why you're trying to work around the restriction:
Point port 80 to another port, such as 8080
By reconfiguring your machine to pass all port 80 traffic to port 8080, or any port of your choosing, then you can allow user space servers to receive root privilege ports in the area they are given access to.
The process is straightforward:
(source)
This is a temporary change, and will revert once you reboot, or flush as indicated int he last line.
You can make the change permanent, or you could add the command as a startup line prior to starting your server, which is probably safer from the standpoint of security.
Use Authbind
Authbind was designed specifically to allow one program access to lower level ports without giving it full root access.
There is a MacOSX port:
https://github.com/Castaglia/MacOSX-authbind
It may still be limited to IPv4 traffic, though, so you may have to do some additional investigation to find if it meets your needs