Gregory's Server@stemid Please see the linked page (and the articles linked to that) :)
|
4 comments
@aral ok I read the post but all I can say is that I deploy services of all sorts of languages and frameworks for a living and I never have to give them any higher privileges. Because in production there is always a proxy in front of the service, and in dev they can use nonstandard ports. So I still see no reason to allow services to use privileged ports in my view. But we all have different perspectives.  @stemid This is my use case: https://ar.al/2020/08/07/what-is-the-small-web/ We need to set up your own Facebook on your own server in under a minute with no technical knowledge required on your part. And democratise development while we’re at it as much as possible. So no front controller/proxy, etc., setups. Think lightweight server with in-process database. But, beyond use cases, again, it provides no real security unless you’re administering a System/360. |
@aral @stemid I mean, there's just plenty of solutions. From what I read in your article you have found one through modifying a kernel parameter. Which means that the mechanism is implemented. It's just not enabled by default.
I see lots of workarounds to your problem and Linux in itself doesn't prevent one from achieving the behavior you're looking for.