After the bind() call, i would believe. Setting the local port (binding) is the restricted operation, not accepting connections on an already bound socket, etc. [unless i am terribly mistaken ;-)] If all else fails, you can, of course, try each possibility and see which ones bonk. (change "|| die" to "|| die 'at bind()'", etc) -Adam Lydick ---------------------------------- Shmee... I think there's something wrong with this world. --SQUEE!, Jhoen Vasquez On Wed, 2 May 2001, Aurobindo Sundaram (+1 512 331 3743) wrote: > Hi, > > I'm just wondering where in the network port opening sequence it is > appropriate to drop privileges. Consider the following snippet of code and > assume we're opening a port < 1024. Obviously, we need root privileges to > bind ... when is the earliest we can drop them? See below for the choices. > > Thks, > Robin > > > socket(Server, PF_INET, SOCK_STREAM, $proto) || die "socket: $!"; > bind(Server, sockaddr_in($port, INADDR_ANY)) || die "bind: $!"; > ### Drop position 1 > > listen(Server,SOMAXCONN) || die "listen: $!"; > ### Drop position 2 > > for ( ; $paddr = accept(Client,Server); close Client) { > ### Drop position 3 > my($port,$iaddr) = sockaddr_in($paddr); > my $name = gethostbyaddr($iaddr,AF_INET); > print Client "Hello there, $name, it's now ", > scalar localtime, $EOL; > } >
This archive was generated by hypermail 2b30 : Thu May 03 2001 - 14:45:19 PDT