authbind - Exposing non-root processes on privileged ports ( < 1024 )

By Aseem Shrey on
LinuxHistory

authbind

authbind is an Open-source system utility written by Ian Jackson and is distributed under the GNU General Public License. The authbind software allows a program that would normally require superuser privileges to access privileged network services to run as a non-privileged user.

This allows the system administrator to permit specific users and groups access to bind to TCP and UDP ports below 1024. Ports 0 - 1023 are normally privileged and reserved for programs that are run as the root user. Allowing regular users limited access to privileged ports helps prevent possible privilege escalation and system compromise if the software happens to contain software bugs or is found to be vulnerable to unknown exploits.

How does this work ?

authbind achieves this by defining the LD_PRELOAD environment variable which loads a libauthbind library. This library overrides the bind() call with a version that executes a setuid helper program (/usr/lib/authbind/helper) with the socket as file descriptor 0 ( stdin ).

The helper validates its arguments and checks its configuration, calls the real bind() system call on file descriptor 0 (which also affects the original process's socket), and exits, allowing the original process to continue with the socket bound to the requested address and port.

Source : authbind - Wikipedia

Aseem Shrey

Hey! I'm Aseem Shrey.

const about_me = {
    loves: "CyberSec, Creating Stuff",
    currently_reading: "Gandhi: The Years That Changed 
the World, 1914-1948",
    other_interests: [
        "Reading 📚",
        "IoT Projects 💡",
        "Running 🏃( Aim to run a full marathon )",
        "Swimming 🏊‍♂️"
    ],
    online_presence: HackingSimplified AseemShrey
};

Ping me up if you wanna talk about anything.

About meJoin newsletterGitHub