tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Turner <tomcat-u...@johnturner.com>
Subject Re: (13)Permission denied while starting apache
Date Mon, 12 May 2003 13:01:13 GMT

Sure, but in my mind its overkill.  The original poster is obviously a 
rookie (not that this is bad, I'm just making an observation)...messing 
with sticky bits seems like it might be more than can or want to handle.  
Apache is already designed to handle these issues, and in typical 
environments Apache is started on system boot, not by a user.

John

On Mon, 12 May 2003 13:49:24 +0100, <graghupathy@aegonuk.co.uk> wrote:

> John,
> 	got this text from book .. can this be used to solve his issue ?
>
> -----------------------------------
>
> If you execute an SUID file, your user ID is set to the user ID of the
> file's owner. Therefore, if you execute an SUID file that is owned by 
> root,
> you are the superuser-for the duration of the program. Likewise, 
> executing
> an SGID file sets your group ID to the file's group while the file is
> executing. SUID and SGID files can be security holes, but they really 
> exist
> to enhance security. For example, you might want to allow any user to 
> create
> a backup tape, but you shouldn't give every user the root password.
> Therefore, you can create a special version of the dump utility that is
> owned by root and that has the SUID bit set. When a user invokes this
> utility, he or she will be able to back up the entire filesystem because 
> the
> dump command will run as if it were executed by root. But the user can't 
> do
> anything else: he doesn't know the superuser password and can't do 
> anything
> that dump won't let him do. Used carefully, SUID programs can be a 
> powerful
> tool.
>
> -----------------------------------
>
>
>
> -----Original Message-----
> From: John Turner [mailto:tomcat-user@johnturner.com]
> Sent: 12 May 2003 13:39
> To: Tomcat Users List
> Subject: Re: (13)Permission denied while starting apache
>
>
>
> No.  Ports less than <1024 on UNIX-like systems are restricted to root 
> access.  Unless you feel like hacking your own kernel, you have to be 
> root to bind a service to a port less than 1024.  Or switch to a 
> Microsoft OS, which doesn't have this restriction (unfortunately).
>
> John
>
> On Mon, 12 May 2003 02:20:43 -0700 (PDT), robin kurian <rkigns@yahoo.com> 
> wrote:
>
>> It worked!   Is there anyother way of starting apache at port 80 without 
>> being a "root" group?
>> graghupathy@aegonuk.co.uk wrote:for using any port < 1024 you need to 
>> start apache as root .... i would suggest you that you get yourself in 
>> the "root" group...
>>
>> thanks guru
>>
>> -----Original Message-----
>> From: robin kurian [mailto:rkigns@yahoo.com]
>> Sent: 12 May 2003 09:49
>> To: tomcat-user@jakarta.apache.org
>> Subject: (13)Permission denied while starting apache
>>
>>
>> Hi All I installed apache and tomcat and connected both using mod_jk in 
>> Red
>> Hat Linux 8.0. Installation was done from the root login. Everything 
>> worked
>> fine. Then i changed the user and group of apache and tomcat directories 
>> to
>> my login and group. Now tomcat started successfully, But while starting
>> apache i am got the following error. (13)Permission denied: make_sock: 
>> could
>> not bind to address 0.0.0.0:80
>> no listening sockets available, shutting down
>> Unable to open logs I checked the permissions. Apache and Tomcat 
>> directories
>> and its subdirecories are owned by me. So why its giving this error 
>> .Please
>> help.... ThanksRobin
>>
>> ---------------------------------
>> Do you Yahoo!?
>> The New Yahoo! Search - Faster. Easier. Bingo.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>>
>>
>> ---------------------------------
>> Do you Yahoo!?
>> The New Yahoo! Search - Faster. Easier. Bingo.
>
>
>



-- 
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message