Menu

#286 Standard ports in linux

v4.7.3
closed
nobody
linux (2) java (3) tomcat (1) davmail (3)
5
2016-12-10
2016-11-25
Juan Carlos
No

Hello,

I've installed in Linux the Tomcat version of Davmail. I got it working with the non-standard ports. (1025, 1110, 1143...)

I forwarded in the router the standard ports to the non-standard ones and it has worked so far. (110 > 1110)

However now this set-up is creating conflicts with other applications.

I already looked how to allow Davmail to Listen to ports in the 0-1024 range. Found this solution:

setcap 'cap_net_bind_service=+ep' /path/to/program

My question now is which process should I allow to bind ports?

Java or Tomcat sound a little insecure, is there a way to bind the Davmail application?

Thank you!

Discussion

  • Mickael Guessant

    Mickael Guessant - 2016-11-26

    You don't need Tomcat to run DavMail, just run it in daemon mode, an init script is available in contribs:
    https://sourceforge.net/p/davmail/code/HEAD/tree/trunk/src/contribs/init/

    In order to access DavMail on standard ports, IMHO the best way is to run DavMail as a simple user and forward ports with iptables

     

  • Juan Carlos

    Juan Carlos - 2016-12-08

    Thanks for the info.
    For other people interested. I finally authorized java to bind ports. I think is a good compromise between compatibility and security.
    something like:
    setcap cap_net_bind_service=+ep /usr/lib/jvm/java-7-oracle/jre/bin/java

    or the path to your java version.

     

  • Mickael Guessant

    Mickael Guessant - 2016-12-10
    • status: open --> closed
     

  • Mickael Guessant

    Mickael Guessant - 2016-12-10

    Thanks for your feedback, closing case

     

Log in to post a comment.