[icecast] icecast on port 80 NOT as root

Samuel Hathaway hathaway at munkynet.org
Wed Aug 21 02:40:08 UTC 2002



On 20 Aug 2002, Bryan Jay Miller wrote:

> This may seem simple but I've looked all over and come up with nothing.
> I'm interested in running Icecast 1.3.12 on port 80 to get around the
> firewall issue. Obviously it's not prudent to run Icecast at root so I'm
> wondering is there any way to safely run Icecast on port 80 using either
> setuid or port redirection? Has anyone accomplished this and if so,
> how'd you do it?

Check out cbs:

        cbs is a system tool, composed of a client and a server. Using cbs
        as root, you will be able to allow specific users or groups to
        bind specific ports below 1024. Those users will have to use the
        cbs client library. The aim of cbs is to increase system security.

http://www.epita.fr:8000/~flav/cbs/doc/html/

I found it suggested on the mod_perl site as a possible way of enforcing
that users only be allowed to run apache processes on particular ports.
-sam

--- >8 ----
List archives:  http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.



More information about the Icecast mailing list