logoalt Hacker News

cyberaxtoday at 1:36 AM3 repliesview on HN

Fun fact! On macOS you can expose privileged ports (<1024) using a regular user account.

But ONLY if you don't bind the listening port to any interface. So you try to create a listening port on localhost (e.g. 127.0.0.1:443) under a non-root account you get a permission error.

Edit: the thing is, you CAN expose "0.0.0.0:443" without root privileges!

Replies

kristopoloustoday at 2:23 AM

it's called a privileged port and it's been like this for decades, on every system, ever.

Here's a reference to this "macos feature" from 1995: https://www.w3.org/Daemon/User/Installation/PrivilegedPorts....

show 1 reply
vxxzytoday at 2:01 AM

A feature! Not a bug! Bugs can be undisovered features.

throwaway314155today at 1:44 AM

How exactly are the ports "exposed" if they can't be bound to an interface?

show 1 reply