How can I bind() to a port number < 1024?

Unix Socket FAQ for Network programming

(Continued from previous question...)

How can I bind() to a port number < 1024?

The restriction on access to ports < 1024 is part of a (fairly weak) security scheme particular to UNIX. The intention is that servers (for example rlogind, rshd) can check the port number of the client, and if it is < 1024, assume the request has been properly authorised at the client end.

The practical upshot of this, is that binding a port number < 1024 is reserved to processes having an effective UID == root.

This can, occasionally, itself present a security problem, e.g. when a server process needs to bind a well-known port, but does not itself need root access (news servers, for example). This is often solved by creating a small program which simply binds the socket, then restores the real userid and exec()s the real server. This program can then be made setuid root.

(Continued on next question...)

Other Interview Questions

• Who is this FAQ for?
• What are Sockets?
• How do Sockets Work?
• How can I tell when a socket is closed on the other end?
• What's with the second parameter in bind()?
• How do I get the port number for a given service?
• If bind() fails, what should I do with the socket descriptor?
• How do I properly close a socket?
• When should I use shutdown()?
• What is the difference between close() and shutdown()?
• Code Sample: a very simple client process.
• Explain the TIME_WAIT state.
• Why does it take so long to detect that the peer died?
• What are the pros/cons of select(), non-blocking I/O and SIGIO?
• Why do I get EPROTO from read()?
• How can I force a socket to send the data in its buffer?
• Where can a get a library for programming sockets?
• How come select says there is data, but read returns zero?
• Whats the difference between select() and poll()?
• How do I send [this] over a socket?
• How do I use TCP_NODELAY?
• What exactly does the Nagle algorithm do?
• What is the difference between read() and recv()?
• Is there any advantage to handling the signal, rather than just ignoring it and checking for the EPIPE error? Are there any useful parameters passed to the signal catching function?
• After the chroot(), calls to socket() are failing. Why?
• Why do I keep getting EINTR from the socket calls?
• When will my application receive SIGPIPE?
• What are socket exceptions? What is out-of-band data?
• How can I find the full hostname (FQDN) of the system I'm running on?
• How do I convert a string into an internet address?
• How can my client work through a firewall/proxy server?
• Why does connect() succeed even before my server did an accept()?
• Why do I sometimes lose a server's address when using more than one server?
• How can I set the timeout for the connect() system call?
• system choose one for me on the connect() call? Should I bind() a port number in my client program, or let the
• Why do I get "connection refused" when the server isn't running?
• over the socket ? Is there a way to have a dynamic buffer ? What does one do when one does not know how much information is com- ming
• How come I get "address already in use" from bind()?
• Why don't my sockets close?
• How can I make my server a daemon?
• How can I listen on more than one port at a time?
• What exactly does SO_REUSEADDR do?
• What exactly does SO_LINGER do?
• What exactly does SO_KEEPALIVE do?
• How can I bind() to a port number < 1024?
• How do I get my server to find out the client's address / host- name?
• How should I choose a port number for my server?
• What is the difference between SO_REUSEADDR and SO_REUSEPORT?
• How can I write a multi-homed server?
• How can I read only one character at a time?
• I'm trying to exec() a program from my server, and attach my socket's IO to it, but I'm not getting all the data across. Why?
• When should I use UDP instead of TCP?
• What is the difference between "connected" and "unconnected" sockets?
• of the socket? Does doing a connect() call affect the receive behaviour
• How can I read ICMP errors from "connected" UDP sockets?
• How can I be sure that a UDP message is received?
• How can I be sure that UDP messages are received in order?
• How often should I re-transmit un-acknowleged messages?
• How come only the first part of my datagram is getting through?
• Why does the socket's buffer fill up sooner than expected?
• How would I put my socket in non-blocking mode?
• How can I put a timeout on connect()?