Running application on 443 port ( without root or su )

[sunraise76]

Hi,

I want to run my application on 443 port.
sunraise76 is the user id in the system.
Is it possible to run the application without adding this user in sudo user's list?
If not, Please tell me the most restricted way to start the application. the sunraise76 user should not have any additional prevlieges except running the applicaiton on 443 port.

Thanks and Regards,

Ravindra

[alain_]

what application are we talking about?

[sunraise76]

It is java application.

[alain_]

Port 443 is normally used by apache ssl.

Why does your app must run on a lower port?
Every port below 1024 is reservd for root.

Maybe look for an alternative like redirecting the port?
Something like this iptables rule:

Code:

iptables -t nat -A PREROUTING -p tcp --dport your-port -i eth0 -j REDIRECT --to-port 443

This way you can run your app on any port you like,
and have no trouble with the root story.
(google -> port redirection)

[edit]
Disclaimer:
i am no iptables heroe, don't copy/paste this rule.

[sunraise76]

My application is running on some other port actually. like 2000
So if a system is protected by firewall, they are unable to connect to 2000 port.
So i am opening my application to run on both 2000 and 443. Firewall allows 443 port to connect. If a client is unable to connect 2000, he will now try to connect 443 and he will succeed.

So for this reason, I want to run my application on 443 port. SInce it is a standard port, it is not allowing me to open the port. At the same time i do not want su/root permission for this user ( sunraise76) only to run the application on 443

[alain_]

I don't think this will work.
Like i said, i am no expert, just a hobbyist.

But this topic conferms my toughts
http://www.linuxquestions.org/questions/history/343115
The last reply gives an interesting option.

[sunraise76]

Ok. The following way is fine for me.

After start of the application, the applicaiton should demote the user from root to my myser id: sunraise76