Comment by cyberax

6 hours ago

Fun fact! On macOS you can expose privileged ports (<1024) using a regular user account.

But ONLY if you don't bind the listening port to any interface. So you try to create a listening port on localhost (e.g. 127.0.0.1:443) under a non-root account you get a permission error.

Edit: the thing is, you CAN expose "0.0.0.0:443" without root privileges!

5 comments

cyberax

kristopolous 5 hours ago

it's called a privileged port and it's been like this for decades, on every system, ever.

Here's a reference to this "macos feature" from 1995: https://www.w3.org/Daemon/User/Installation/PrivilegedPorts....

Zambyte 3 hours ago

https://news.ycombinator.com/item?id=18302380

vxxzy 5 hours ago

A feature! Not a bug! Bugs can be undisovered features.

throwaway314155 6 hours ago

How exactly are the ports "exposed" if they can't be bound to an interface?

Zambyte 3 hours ago

Binding to 0.0.0.0 means binding to every interface.