ubuntu-us-nj In a bind

Michael Greb mgreb at linode.com
Thu May 7 05:42:09 BST 2009


On May 6, 2009, at 11:41 PM, David Collins wrote:
> Another application or service may be using this port
> ERROR 13 binding Gopher socket port 70
> seteuid FAILED
> Operation not permitted

Hi David,

Under Linux, binding to a port below 1024 requires root (admin)
privileges, so the daemon must be started as root to be able to bind to
port 70.  "Another application or service may be using this port" is a
message generated by the application in response to not being able to
bind to the port; it's just guessing and offering the most likely
cause as a suggestion.  Error 13 is the specific error returned by the
system call and is a permission denied error.

Most daemons will drop privileges to a configured user once the port
is bound to so that they aren't running with root the whole time.
This turns a vulnerability in the daemon into a vulnerability exposing
only things that user is allowed access to.  This privilege dropping
is accomplished by a seteuid system call, which accounts for the second
error.  Since the daemon is not being run as root, it doesn't have the
privilege necessary to switch the process's effective user id.  The
'Operation not permitted' error at the end likely refers to one of
these two errors.

BTW, in addition to the nmap, an alternative and faster way to get the  
same information plus a bit more would be 'sudo netstat -nptl'.  This  
will not only list the ports and addresses with services bound to them  
but also the process id and name of the daemon bound to the socket.

Michael Greb
Linode.com
(609) 593-7103 x1205
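
Added example, not part of the original message or of any gopher daemon's code: a minimal C sketch of the bind-then-drop pattern described above, which reports a failed bind from its errno and then gives up root. The function names and the uid/gid 65534 are assumptions, and it calls setuid rather than seteuid so the saved uid is cleared and root cannot be regained.

```c
#define _DEFAULT_SOURCE            /* exposes setgroups() under strict -std= modes */
#include <arpa/inet.h>
#include <errno.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Report why bind() failed from its errno instead of guessing. */
const char *explain_bind_errno(int err) {
    switch (err) {
    case EACCES:     return "permission denied: ports below 1024 need root";
    case EADDRINUSE: return "address in use: another process holds this port";
    default:         return strerror(err);
    }
}

/* Bind and listen on TCP 0.0.0.0:port. Returns the fd, or -errno. */
int bind_listener(unsigned short port) {
    struct sockaddr_in a = {0};
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -errno;
    a.sin_family = AF_INET;
    a.sin_port = htons(port);
    a.sin_addr.s_addr = htonl(INADDR_ANY);
    if (bind(fd, (struct sockaddr *)&a, sizeof a) < 0 || listen(fd, 16) < 0) {
        int e = errno; close(fd); return -e;
    }
    return fd;
}

/* Drop root for good: supplementary groups, then gid, then uid, then verify.
 * Returns 0 on success, -errno on failure (-EPERM when not started as root). */
int drop_privileges(uid_t uid, gid_t gid) {
    if (geteuid() != 0) return -EPERM;             /* the "seteuid FAILED" situation */
    if (setgroups(0, NULL) < 0) return -errno;     /* must happen while still root */
    if (setgid(gid) < 0) return -errno;
    if (setuid(uid) < 0) return -errno;            /* sets real, effective and saved uid */
    if (uid != 0 && setuid(0) == 0) return -EINVAL; /* root must not be recoverable */
    return 0;
}

int main(void) {
    int rc, fd = bind_listener(70);                /* gopher port from the thread */
    if (fd < 0) { fprintf(stderr, "bind: errno %d: %s\n", -fd, explain_bind_errno(-fd)); return 1; }
    rc = drop_privileges(65534, 65534);            /* assumed ids; use the service account's */
    if (rc < 0) { fprintf(stderr, "drop: %s\n", strerror(-rc)); return 1; }
    printf("listening on port 70 as uid %d\n", (int)getuid());
    return 0;
}
```

The order matters: the socket is bound while the process is still root, and the group and user IDs are changed only afterwards.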