On 2014-03-03 03:11, Edward Ned Harvey (mono) wrote: > I have a service that needs to bind to port 443, and as far as I can tell, > the best way to do this is to start as root (or sudo) and bind 443, and then > lower privileges by using Mono.Unix.Native.Syscall.setuid. Unfortunately my > actual service product was failing to do this, so I created a *really* simple > test project, and it still fails. > > If there's a better way to solve this problem, I'd love to know. ;-) I am > not married to Syscall.setuid. > I have used mkbundle together with "setcap 'cap_net_bind_service=+ep' /path/to/my-bin" That way I get a binary which can listen to privileged ports without running as root.
Your method is probably better since it prevents further use of privileged ports. Also you could possible use iptables to redirect to a higher port number. _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
