Re: UID permissions mappings for "privileged ports" feature -- anybody done?

Magnus Ahltorp (
Wed, 6 Nov 1996 23:58:35 +0100 (MET)

> Anyway, somebody have a patch that already does something like that?
> I'm sure I could hack in a less elegant static solution (like
> "if(portnum=80&&uid==12345) goto ok;" or whatever the code would say).
> Wait ... hmm ... I can't find it in the kernel source. Is this a libc
> thing?

You can do this without kernel hacking, by letting a priviliged program
allocate the port. If you really want to hack kernel, look for suser()
calls in net/ipv4/af_inet.c. You'll see a line where it checks if the port
number is below a value, and at the same time checks that the user is the
superuser. Of course you can hack it to allow users in a special group to
access a port to make it more flexible. Be sure you know what you're doing