Easy pop-fly here.
I finally figured out the WCT and it appears to work well. One thing puzzles me tho.
We want to run everything non-root if we can - enterprise restrictions on root are getting pretty tight. We also like to run IHS on ports 80/443.
In the WCT when selecting the HTTP port, there is this verbiage:
"Running IBM HTTP Server without root or Administrative privileges might restrict use of ports below 1024."
So, the naive and childlike question is, why? What's magical about the ports below 1024?
Pinned topic IHS as non-root and ports < 1024
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2011-03-30T20:37:23Z at 2011-03-30T20:37:23Z by SystemAdmin
Re: IHS as non-root and ports < 10242011-03-30T00:09:37ZThis is the accepted answer. This is the accepted answer.It's a traditional OS imposed limitation that in part prevents user processes from masquerading as system daemons on known, low ports. Also prevents user processes blocking these same daemons from restarting.
starting ons as root, and letting it drop privileges, is generally preferred. Otherwise, the nonroot user who starts ous can no longer genuinely be called unprivileged yet is now also running all request processing code.
IBM HTTP Server and Apache Development