# Binding to reserved ports as a user



## CodeBlock (Aug 8, 2009)

Quick question, I know it is possible, using 
`net.inet.ip.portrange.reservedhigh=0`, to make it so users can bind to low ports, but my question is, is it possible to make only _one_exception? I.e. say I need to run something as a *user* on port 443. Is this possible?


----------



## anomie (Aug 8, 2009)

Not sure - and frankly I wouldn't mess with the first 1024 ports in this way. 

Could you instead set this up with a little sudo configuration? i.e. Install the security/sudo port, and create the user an entry so that he can only run the daemon that needs to bind to tcp 443 (and use NOPASSWD if preferred). 

_Or_ if the idea here is you want the daemon to run as an unprivileged user, you could instead arrange for port forwarding from tcp 443 to e.g. tcp 8443.


----------



## CodeBlock (Aug 9, 2009)

Ah, alright, yeah forwarding is an option. I was just curious, got into a discussion in an irc channel, and was wondering about this.

Thanks


----------

