{Fraud?} Xitami port access problem

Edmund Craske edmund at m00is.net
Mon Jan 28 15:45:55 GMT 2008 

Kelvin Woods wrote:
> On Mon, January 28, 2008 15:03, Jamie White wrote:
>> Hi
>>
>> After a bit of fiddling I managed to get the xitami webserver working
>> on my
>> computer under root. However for fairly obvious reasons i'd rather not
>> run
>> the server as root.
>>
>> So what I did is create  two new users:
>>
>> xitami
>> xitami-www
>>
>> They both share the home directory /home/xitami, difference is, is a
>> setup
>> that only allows xitami-www read only access to the home folder,
>> xitami has
>> read write access. Thought it make for quite good security.
>>
>> Now when I try to start xitami under the user xitami-www I get the
>> following
>> set of errors:
>>
>> Xitami/2.5c2
>> Copyright (c) 1991-2003 iMatrix Corporation
>> 2001/01/28 16:02:22: xilrwp: Could not open LRWP port 81
>> 2001/01/28 16:02:22: Port is already used by another server
>> 2001/01/28 16:02:22: smthttp: web server binding to address 127.0.0.1
>> 2001/01/28 16:02:22: smthttp: opening HTTP service on  port 80...
>> 2001/01/28 16:02:22: could not open port 80
>> 2001/01/28 16:02:22: Port is already used by another server
>> 2001/01/28 16:02:22: Permission denied
>>
>> Now no services are on port 80 or for that matter 81. I am fairly
>> certain
>> somethings blocking xitami-www from listening on this port, I
>> wondering what
>> is likely to be blocking it, and how do I unblock it?
>>
>> Jamie
>>
> 
> If I understand what you're attempting to do correctly you're trying
> to launch a service from a "normal" user account that wishes to use a
> priviledged port. This wouldn't be possible under standard security
> constraints. I would guess that the error message about the port
> already being in use is a bit of a red herring.
> 
> To confirm this can you run the service on a higher port number i.e.
> greater than 1024?

The normal way that services work is that they are started as root, bind 
to the necessary ports < 1024, then give up root privileges and run as a 
specified user - look at the configs for xitami and see if such a 
configuration is possible.

Ed

More information about the Ukfreebsd mailing list